CVE-2014-8766

HIGH(7.5)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Risk Signal Score19/100 — NIEDRIG

CVSS 7.5 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in a browse action to index.php or (2) unspecified parameters to admin.php.

Referenzen

http://packetstormsecurity.com/files/128565/Allomani-Weblinks-1.0-Cross-Site-Scr...
http://www.securityfocus.com/bid/70255
https://exchange.xforce.ibmcloud.com/vulnerabilities/96843
http://packetstormsecurity.com/files/128565/Allomani-Weblinks-1.0-Cross-Site-Scr...
http://www.securityfocus.com/bid/70255
https://exchange.xforce.ibmcloud.com/vulnerabilities/96843