SecBoard
Zurück zur CVE-Übersicht

CVE-2014-9005

HIGH(7.5)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Risk Signal Score19/100 — NIEDRIG
  • CVSS 7.5 — Hoch

EPSS-Score

1%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote attackers to execute arbitrary SQL commands via the (1) country, (2) gender1, or ((3) gender2 parameter in a search action to index.php.

Referenzen