CVE-2014-5275

2014-10-2016:00:00

mitre

www.cve.org

8.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.8%

JSON

Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.

References

archives.neohapsis.com/archives/bugtraq/2014-08/0026.html

packetstormsecurity.com/files/127775/Pro-Chat-Rooms-8.2.0-XSS-Shell-Upload-SQL-Injection.html

www.exploit-db.com/exploits/34275

www.osvdb.org/109829

exchange.xforce.ibmcloud.com/vulnerabilities/95127