Vulnerability Details CVE-2014-9613
Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10 allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to webadmin/auth/verification.php or (2) dpid parameter to webadmin/deny/index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2014-9613
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.1
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.2
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.4
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.5
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.6
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.7
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.8
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.9