← back
CVE-2012-6065

CVE-2012-6065

EPSS 1.1%
The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://drupal.org/node/1834046http://drupal.org/node/1834048http://www.madirish.net/551