Lucene search

K
prionPRIOn knowledge basePRION:CVE-2014-5086
HistoryFeb 10, 2020 - 3:15 p.m.

Command injection

2020-02-1015:15:00
PRIOn knowledge base
www.prio-n.com
6

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%

A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider.

CPENameOperatorVersion
sphiderlt1.3.6
sphider-pluslt3.2
sphider_prolt3.2

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%