Lucene search

[email protected]CVE-2014-8339

HistoryNov 04, 2014 - 3:55 p.m.

CVE-2014-8339

2014-11-0415:55:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2014-8339

sql injection

nuevolab

nuevoplayer

clipshare 8.0

security vulnerability

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.

CPENameOperatorVersion
nuevolab:nuevoplayernuevolab nuevoplayereq-
clip-share:clipshareclip-share clipsharele8.0

CPE	Name	Operator	Version
nuevolab:nuevoplayer	nuevolab nuevoplayer	eq	-
clip-share:clipshare	clip-share clipshare	le	8.0

References

packetstormsecurity.com/files/128909/Nuevolabs-Nuevoplayer-For-Clipshare-SQL-Injection.html

www.securityfocus.com/archive/1/533847/100/0/threaded

www.securityfocus.com/bid/70833

www.youtube.com/watch?v=_-oOI1LnEdk

exchange.xforce.ibmcloud.com/vulnerabilities/98393

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2014-8339

securityvulns2 cvelist1 prion1 packetstorm1