CVE-2012-5327

Exp

Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) delete_usrgrp[] parameter in a delete_usergroups action, (2) usergroup parameter in an add_user_togroup action, or (3) add_forum_group_id parameter in an add_forum_submit action.

Published: 2012-10-08 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2012-5327 is rated Exploit Available (55.4/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 0.36%). 1 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2012-5327

EDB-ID Source Kind Published Link
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2012-5327

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-03-30 18.63% 0.36% -18.27%
2 2025-03-29 0.36% 18.63% +18.27%
3 2025-03-24 0.36%

Full EPSS history (9 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2012-5327

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
6.5 2.0 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:S)
A single authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 8.0 6.4 [email protected]

Weakness enumeration for CVE-2012-5327

Affected software / configurations for CVE-2012-5327

Vendor Product Version Raw CPE
cartpauj mingle-forum <= 1.0.32.1 cpe:2.3:a:cartpauj:mingle-forum:*:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.00 cpe:2.3:a:cartpauj:mingle-forum:1.0.00:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.01 cpe:2.3:a:cartpauj:mingle-forum:1.0.01:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.02 cpe:2.3:a:cartpauj:mingle-forum:1.0.02:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.03 cpe:2.3:a:cartpauj:mingle-forum:1.0.03:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.04 cpe:2.3:a:cartpauj:mingle-forum:1.0.04:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.05 cpe:2.3:a:cartpauj:mingle-forum:1.0.05:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.06 cpe:2.3:a:cartpauj:mingle-forum:1.0.06:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.07 cpe:2.3:a:cartpauj:mingle-forum:1.0.07:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.08 cpe:2.3:a:cartpauj:mingle-forum:1.0.08:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.09 cpe:2.3:a:cartpauj:mingle-forum:1.0.09:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.10 cpe:2.3:a:cartpauj:mingle-forum:1.0.10:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.11 cpe:2.3:a:cartpauj:mingle-forum:1.0.11:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.12 cpe:2.3:a:cartpauj:mingle-forum:1.0.12:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.13 cpe:2.3:a:cartpauj:mingle-forum:1.0.13:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.14 cpe:2.3:a:cartpauj:mingle-forum:1.0.14:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.15 cpe:2.3:a:cartpauj:mingle-forum:1.0.15:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.16 cpe:2.3:a:cartpauj:mingle-forum:1.0.16:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.17 cpe:2.3:a:cartpauj:mingle-forum:1.0.17:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.18 cpe:2.3:a:cartpauj:mingle-forum:1.0.18:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.19 cpe:2.3:a:cartpauj:mingle-forum:1.0.19:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.20 cpe:2.3:a:cartpauj:mingle-forum:1.0.20:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.21 cpe:2.3:a:cartpauj:mingle-forum:1.0.21:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.21.1 cpe:2.3:a:cartpauj:mingle-forum:1.0.21.1:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.22 cpe:2.3:a:cartpauj:mingle-forum:1.0.22:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.23 cpe:2.3:a:cartpauj:mingle-forum:1.0.23:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.23.1 cpe:2.3:a:cartpauj:mingle-forum:1.0.23.1:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.23.2 cpe:2.3:a:cartpauj:mingle-forum:1.0.23.2:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.24 cpe:2.3:a:cartpauj:mingle-forum:1.0.24:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.25 cpe:2.3:a:cartpauj:mingle-forum:1.0.25:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.26 cpe:2.3:a:cartpauj:mingle-forum:1.0.26:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.27 cpe:2.3:a:cartpauj:mingle-forum:1.0.27:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.28 cpe:2.3:a:cartpauj:mingle-forum:1.0.28:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.28.1 cpe:2.3:a:cartpauj:mingle-forum:1.0.28.1:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.28.2 cpe:2.3:a:cartpauj:mingle-forum:1.0.28.2:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.29 cpe:2.3:a:cartpauj:mingle-forum:1.0.29:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.30 cpe:2.3:a:cartpauj:mingle-forum:1.0.30:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.31 cpe:2.3:a:cartpauj:mingle-forum:1.0.31:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.31.1 cpe:2.3:a:cartpauj:mingle-forum:1.0.31.1:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.31.2 cpe:2.3:a:cartpauj:mingle-forum:1.0.31.2:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.31.3 cpe:2.3:a:cartpauj:mingle-forum:1.0.31.3:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.31.4 cpe:2.3:a:cartpauj:mingle-forum:1.0.31.4:*:*:*:*:*:*:*
cartpauj mingle-forum 1.0.32 cpe:2.3:a:cartpauj:mingle-forum:1.0.32:*:*:*:*:*:*:*

References for CVE-2012-5327

cvelogic Threat Intelligence