Zurück zur CVE-Übersicht
CVE-2014-9095
HIGH(7.5)AV:N/AC:L/Au:N/C:P/I:P/A:P
Risk Signal Score19/100 — NIEDRIG
- CVSS 7.5 — Hoch
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.5
Technische Schwere
Beschreibung
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.
Referenzen
- http://packetstormsecurity.com/files/127525/Raritan-PowerIQ-Unauthenticated-SQL-...
- http://seclists.org/fulldisclosure/2014/Jul/79
- http://secunia.com/advisories/60138
- http://www.securityfocus.com/bid/68722
- http://packetstormsecurity.com/files/127525/Raritan-PowerIQ-Unauthenticated-SQL-...
- http://seclists.org/fulldisclosure/2014/Jul/79
- http://secunia.com/advisories/60138
- http://www.securityfocus.com/bid/68722