Lucene search

[email protected]CVE-2014-9173

HistoryDec 02, 2014 - 4:59 p.m.

CVE-2014-9173

2014-12-0216:59:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2014-9173

sql injection

google doc embedder

view.php

wordpress

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

53.2%

JSON

SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter.

CPENameOperatorVersion
google_doc_embedder_project:google_doc_embeddergoogle doc embedder project google doc embedderle2.5.14

CPE	Name	Operator	Version
google_doc_embedder_project:google_doc_embedder	google doc embedder project google doc embedder	le	2.5.14

References

osvdb.org/show/osvdb/115044

security.szurek.pl/google-doc-embedder-2514-sql-injection.html

www.exploit-db.com/exploits/35371

exchange.xforce.ibmcloud.com/vulnerabilities/98944

plugins.trac.wordpress.org/changeset/1023572/google-document-embedder

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

53.2%

JSON

Related for CVE-2014-9173

prion1 wpvulndb2 cvelist1 openvas1 dsquare1