Exploitation Summary
EIP tracks 1 public exploit for CVE-2012-4951. PoCs published by Cory Eubanks.
AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in VeriCentre versions prior to 2.2 build 36. It includes a sample exploit URL demonstrating the vulnerability but lacks executable code.
Description
Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
Exploits (1)
The provided text describes a SQL injection vulnerability in VeriCentre versions prior to 2.2 build 36. It includes a sample exploit URL demonstrating the vulnerability but lacks executable code.