Skip to main content

Simplenews Scheduler

1 CVEs product

Monthly

CVE-2012-5537 MEDIUM PATCH This Month

The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

PHP Code Injection RCE Simplenews Scheduler
NVD
CVSS 2.0
6.0
EPSS
0.5%
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

PHP Code Injection RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy