EUVD-2014-8513

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Installation of SOPlanning 1.32 allows remote users to execute arbitrary PHP code via crafted database name.

Reporter	Title	Published	Views	Family All 9
0day.today	SO Planning 1.32 - Multiple Vulnerabilities	13 Jul 201500:00	–	zdt
CNVD	SO Planning PHP Code Injection Vulnerability	31 Jul 201500:00	–	cnvd
CVE	CVE-2014-8677	31 Aug 201722:00	–	cve
Cvelist	CVE-2014-8677	31 Aug 201722:00	–	cvelist
Exploit DB	SO Planning 1.32 - Multiple Vulnerabilities	13 Jul 201500:00	–	exploitdb
exploitpack	SO Planning 1.32 - Multiple Vulnerabilities	13 Jul 201500:00	–	exploitpack
NVD	CVE-2014-8677	31 Aug 201722:29	–	nvd
Packet Storm	Simple Online Planning Tool 1.3.2 XSS / SQL Injection / Traversal	11 Jul 201500:00	–	packetstorm
Prion	Code injection	31 Aug 201722:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "b49723e0-f66b-3092-9f71-2f63f0311a4b",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "7719561c-df68-3d8c-ab53-10e586a5f378",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2014-8677
securityfocus	www.securityfocus.com/bid/75726
packetstormsecurity	www.packetstormsecurity.com/files/132654/Simple-Online-Planning-Tool-1.3.2-XSS-SQL-Injection-Traversal.html
seclists	www.seclists.org/fulldisclosure/2015/Jul/44
exploit-db	www.exploit-db.com/exploits/37604/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 35.3

CVSS 23.5

EPSS0.03039