CVE-2014-3961

2022-10-0316:20:25

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

participants database

wordpress

cve-2014-3961

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.1%

JSON

SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an “output CSV” action to pdb-signup/.

Affected configurations

NVD

Node

xnauparticipants_databaseRange≤1.5.4.8wordpress

xnauparticipants_databaseMatch1.5.4wordpress

xnauparticipants_databaseMatch1.5.4.1wordpress

xnauparticipants_databaseMatch1.5.4.2wordpress

xnauparticipants_databaseMatch1.5.4.3wordpress

xnauparticipants_databaseMatch1.5.4.4wordpress

xnauparticipants_databaseMatch1.5.4.5wordpress

xnauparticipants_databaseMatch1.5.4.6wordpress

xnauparticipants_databaseMatch1.5.4.7wordpress

CPENameOperatorVersion
xnau:participants_databasexnau participants databasele1.5.4.8
xnau:participants_databasexnau participants databaseeq1.5.4
xnau:participants_databasexnau participants databaseeq1.5.4.1
xnau:participants_databasexnau participants databaseeq1.5.4.2
xnau:participants_databasexnau participants databaseeq1.5.4.3
xnau:participants_databasexnau participants databaseeq1.5.4.4
xnau:participants_databasexnau participants databaseeq1.5.4.5
xnau:participants_databasexnau participants databaseeq1.5.4.6
xnau:participants_databasexnau participants databaseeq1.5.4.7

CPE	Name	Operator	Version
xnau:participants_database	xnau participants database	le	1.5.4.8
xnau:participants_database	xnau participants database	eq	1.5.4
xnau:participants_database	xnau participants database	eq	1.5.4.1
xnau:participants_database	xnau participants database	eq	1.5.4.2
xnau:participants_database	xnau participants database	eq	1.5.4.3
xnau:participants_database	xnau participants database	eq	1.5.4.4
xnau:participants_database	xnau participants database	eq	1.5.4.5
xnau:participants_database	xnau participants database	eq	1.5.4.6
xnau:participants_database	xnau participants database	eq	1.5.4.7