CVE-2014-2317
Published Mar 9, 2014
Last updated 11 years ago
Overview
- Description
- SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the table parameter. NOTE: some of these details are obtained from third party information.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opendocman:opendocman:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95E5497B-E681-41EC-A960-72F3523A8339",
"versionEndIncluding": "1.2.7.1"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4D3F02F-3FE2-4D7A-97A5-7CFB53BFEBC1"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.2:a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC21AE07-0BE2-470A-9A9D-9B0A0E1BB50F"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.2:b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A4674E7-CDAE-46E0-BB50-89982B13EA3F"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEC5FABB-8752-4CFD-BED7-29DD2CE51B80"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.3:a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE2D011C-A93E-46D0-93CE-3670B92C84A6"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4EA4AA2-95AD-4BD2-83E5-C4AE32317216"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5DAD56F-53B1-4D49-9A58-CC60AE2CF5CB"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.7:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7691977-FF85-4A33-8F38-2F35E975B1AB"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.7:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6356D416-603D-4CC2-B788-F66AA5C183EA"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.6.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E47E7FB-D37A-4194-A57C-C40E2F3B5743"
},
{
"criteria": "cpe:2.3:a:opendocman:opendocman:1.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBA22C31-F0BB-47FF-95B5-6C00FCEBF763"
}
],
"operator": "OR"
}
]
}
]