Lucene search
PRIOn knowledge basePRION:CVE-2014-3978HistoryOct 20, 2014 - 4:55 p.m.
Sql injection
2014-10-2016:55:00
PRIOn knowledge base
www.prio-n.com
2
8.4 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
40.5%
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tomatocart | eq | 1.1.8.6.1 |
Related
seebug
seebug
TomatoCart 1.x - SQL Injection Vulnerability
2014-08-20 00:00:00
exploitpack
exploitpack
TomatoCart 1.x - SQL Injection
2014-08-09 00:00:00
dsquare
dsquare
TomatoCart 1.1.8 SQL Injection
2014-09-20 00:00:00
cve
cve
CVE-2014-3978
2014-10-20 16:55:00
zdt
zdt
TomatoCart 1.x - SQL Injection Vulnerability
2014-08-14 00:00:00
exploitdb
exploitdb
TomatoCart 1.x - SQL Injection
2014-08-09 00:00:00
packetstorm
packetstorm
TomatoCart 1.x Cross Site Scripting / SQL Injection
2014-08-06 00:00:00
securityvulns
securityvulns
TomatoCart v1.x (latest-stable) Multiple Vulnerabilities
2014-08-26 00:00:00
openvas
openvas
TomatoCart SQL Injection and Cross Site Scripting Vulnerabilities
2014-10-28 00:00:00
8.4 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
40.5%
Related for PRION:CVE-2014-3978