CVE-2014-10023

2015-01-1311:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/.

References

osvdb.org/102834

osvdb.org/102835

osvdb.org/102836

osvdb.org/102837

packetstormsecurity.com/files/125007

www.exploit-db.com/exploits/31419

www.securityfocus.com/bid/65283

exchange.xforce.ibmcloud.com/vulnerabilities/90918