Vulnerability Details CVE-2014-9095
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/127525/Raritan-PowerIQ-Unauthenticated-SQL-Injection.html
- http://seclists.org/fulldisclosure/2014/Jul/79
- http://secunia.com/advisories/60138
- http://www.securityfocus.com/bid/68722
- http://packetstormsecurity.com/files/127525/Raritan-PowerIQ-Unauthenticated-SQL-Injection.html
- http://seclists.org/fulldisclosure/2014/Jul/79
- http://secunia.com/advisories/60138
- http://www.securityfocus.com/bid/68722