Lucene search
HistoryOct 03, 2022 - 4:20 p.m.
CVE-2014-8294
cve
sql injection
voice of web
allmyguests 0.4.1
remote attackers
arbitrary sql commands
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.0%
Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) allmyphp_cookie cookie to admin.php or the (2) Username or (3) Password.
Affected configurations
Node
php_resourcevoice_of_web_allmyguestsMatch0.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| php_resource:voice_of_web_allmyguests | php resource voice of web allmyguests | eq | 0.4.1 |
Related
nvd
nvd
CVE-2014-8294
2014-10-15 14:55:09
prion
prion
Sql injection
2014-10-15 14:55:00
cvelist
cvelist
CVE-2014-8294
2022-10-03 16:20:37
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.0%
Related for CVE-2014-8294