CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5097

Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to rate.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.com/files/127943/ArticleFR-3.0.4-SQL-Injection.html
http://www.securityfocus.com/archive/1/533183/100/0/threaded
http://www.securityfocus.com/bid/69307
https://www.htbridge.com/advisory/HTB23225
http://packetstormsecurity.com/files/127943/ArticleFR-3.0.4-SQL-Injection.html
http://www.securityfocus.com/archive/1/533183/100/0/threaded
http://www.securityfocus.com/bid/69307
https://www.htbridge.com/advisory/HTB23225

Products affected by CVE-2014-5097

Freereprintables » Articlefr » Version: 3.0.4

cpe:2.3:a:freereprintables:articlefr:3.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5097

Products

Pricing

Contact Us