Lucene search
MitreCVE-2014-1619HistoryJan 21, 2014 - 3:17 p.m.
CVE-2014-1619
2014-01-2115:17:12
CWE-89
mitre
web.nvd.nist.gov
16
cubic cms
sql injection
remote attack
arbitrary sql commands
cve-2014-1619
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
74.2%
Multiple SQL injection vulnerabilities in Cubic CMS 5.1.1, 5.1.2, and 5.2 allow remote attackers to execute arbitrary SQL commands via the (1) resource_id or (2) version_id parameter to recursos/agent.php or (3) login or (4) pass parameter to login.usuario.
Affected configurations
Node
cubicfactorycubic_cmsMatch5.1.1
ORcubicfactorycubic_cmsMatch5.1.2
ORcubicfactorycubic_cmsMatch5.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cubicfactory | cubic_cms | 5.1.1 | cpe:2.3:a:cubicfactory:cubic_cms:5.1.1:*:*:*:*:*:*:* |
| cubicfactory | cubic_cms | 5.1.2 | cpe:2.3:a:cubicfactory:cubic_cms:5.1.2:*:*:*:*:*:*:* |
| cubicfactory | cubic_cms | 5.2 | cpe:2.3:a:cubicfactory:cubic_cms:5.2:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2014-01-21 15:17:00
exploitdb
exploitdb
Cubic CMS - Multiple Vulnerabilities
2014-01-07 00:00:00
nvd
nvd
CVE-2014-1619
2014-01-21 15:17:12
cvelist
cvelist
CVE-2014-1619
2014-01-21 15:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
74.2%
Related for CVE-2014-1619