Vulnerability Details CVE-2014-125083
A vulnerability has been found in Anant Labs google-enterprise-connector-dctm up to 3.2.3 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/domain leads to sql injection. The patch is named 6fba04f18ab7764002a1da308e7cd9712b501cb7. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218911.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.6%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 5.2
References
- https://github.com/AnantLabs/google-enterprise-connector-dctm/commit/6fba04f18ab7764002a1da308e7cd9712b501cb7
- https://vuldb.com/?ctiid.218911
- https://vuldb.com/?id.218911
- https://github.com/AnantLabs/google-enterprise-connector-dctm/commit/6fba04f18ab7764002a1da308e7cd9712b501cb7
- https://vuldb.com/?ctiid.218911
- https://vuldb.com/?id.218911
Products affected by CVE-2014-125083
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:-
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:1.1.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:1.3.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:1.3.2
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:2.0.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:2.0.2
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:2.4.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:2.6.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:2.6.6
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:2.8.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:3.0.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:3.0.4
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:3.2.0
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:3.2.2
-
cpe:2.3:a:anant:google-enterprise-connector-dctm:3.2.3