Lucene search
HistoryOct 20, 2014 - 4:55 p.m.
CVE-2014-5275
cve-2014-5275
sql injection
pro chat rooms
text chat rooms
security vulnerability
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.8%
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.
Affected configurations
Node
prochatroomstext_chat_roomsMatch8.2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| prochatrooms:text_chat_rooms | prochatrooms text chat rooms | eq | 8.2.0 |
Related
nvd
nvd
CVE-2014-5275
2014-10-20 16:55:09
cvelist
cvelist
CVE-2014-5275
2014-10-20 16:00:00
prion
prion
Sql injection
2014-10-20 16:55:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.8%
Related for CVE-2014-5275