CVE-2014-4197

2014-08-2214:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.2%

JSON

Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS BS-Client 3.17.9 allow remote attackers to execute arbitrary SQL commands via the (1) CARDS or (2) XACTION parameter.

References

secunia.com/advisories/59319

www3.trustwave.com/spiderlabs/advisories/TWSL2014-009.txt