Lucene search
CVE-2014-1471
SQL injection vulnerability in StateGetStatesByType function in OTRS 3.x allows remote attackers to execute arbitrary SQL command
Show more
| Reporter | Title | Published | Views | Family All 18 |
|---|---|---|---|---|
 | CVE-2014-1471 | 4 Feb 201421:55 | – | nvd |
 | CVE-2014-1471 | 4 Feb 201421:55 | – | debiancve |
 | otrs -- multiple vulnerabilities | 28 Jan 201400:00 | – | freebsd |
 | FreeBSD : otrs -- multiple vulnerabilities (c7b5d72b-886a-11e3-9533-60a44c524f57) | 29 Jan 201400:00 | – | nessus |
| Debian DSA-2867-1 : otrs2 - several vulnerabilities | 24 Feb 201400:00 | – | nessus |
 | CVE-2014-1471 | 4 Feb 201416:00 | – | cvelist |
 | Sql injection | 4 Feb 201421:55 | – | prion |
 | CVE-2014-1471 | 4 Feb 201400:00 | – | ubuntucve |
 | Updated otrs packages fix security vulnerabilities and a missing dependency | 26 Feb 201401:22 | – | mageia |
 | [SECURITY] [DSA 2867-1] otrs2 security update | 23 Feb 201420:42 | – | debian |
10
Node
Node
OROROROROROROROROROROROROROROROR
Node
OROROROROROROROROROROROROROROROROR
10
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| ticket_search | query param | /Kernel/System/State.pm | SQL injection vulnerability in the StateGetStatesByType function allowing execution of arbitrary SQL commands. | CWE-89 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo04 Feb 2014 21:55Current
8.2High risk
Vulners AI Score8.2
CVSS27.5
EPSS0.00451