Vulnerability Details CVE-2014-9440
SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the category parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html
- http://www.exploit-db.com/exploits/35591
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99531
- http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html
- http://www.exploit-db.com/exploits/35591
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99531
Products affected by CVE-2014-9440
-
cpe:2.3:a:phpmyrecipes_project:phpmyrecipes:1.2.2