CVE-2014-3757

Published May 15, 2014
Last updated 3 months ago
CVSS info 7.5
Overview

Description: SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-89
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:*:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FE7643B-46E0-448E-A6DF-E93549B7FD3E",
            "versionEndIncluding": "0.43"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.10:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FB0BF09-7020-488D-A8A2-C121B369F707"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.11:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3923BEFA-B1EC-444E-B503-272EF7F02FA0"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.12:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABA3135C-27D2-483B-B4DC-A3359829FF95"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.13:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18FCE0F1-848F-4B93-9B60-A27C3C96C7CC"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.14:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84961ACC-4E65-47FB-BD30-58C5BA8D4153"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.15:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E0603DB-80B3-4351-929F-DCCBA38DC83A"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.16:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30633844-19B1-4036-8CF0-80FB9754A055"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.17:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B4413B0-D3EC-4645-A413-E4BB34A3C58C"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.18:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEE36658-5D60-4DBE-A16E-7389C69EE9AD"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.19:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E73B4D85-AAAD-4016-8B01-A3DFA4383A77"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.20:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F81A0FB1-7446-4BD7-B676-463AB73ED979"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.21:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07ED7DCE-1856-47A1-993B-A56F812D1B9B"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.22:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0C0D9CD-CB31-41FE-8868-4353272CECF2"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.23:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31799AC4-D5C9-4F76-A429-4A646DFA85E2"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.24:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EC32AC6-D83A-4236-B897-CA3229E13E8E"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.25:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "653E6423-2707-4A15-AB4A-FFE4F0CE697D"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.26:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22EA0B7E-D47B-4DC8-84FE-FB3EE3DE1343"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.27:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "181B0D95-16DE-4E57-9341-476AE420E9DE"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.28:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74A196B2-F445-4002-A143-C7C4F7C0F9F3"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.29:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E601BF71-9149-4140-AE71-06C3A3F91802"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.30:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CAA2415-1006-4581-96A1-AF7813CFBEDE"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.31:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3676C720-26C1-4249-843F-64254474CCF9"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.32:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A502F526-E413-4AED-B478-FBF7659A35B7"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.33:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1227EEB-2947-4743-A853-0D4482CB6659"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.34:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F3C0A02-DEF9-4A34-8854-1F9CB79121A9"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.35:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "609EA287-A6EF-4D2D-A524-FF11BA4E9249"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.36:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD918220-27C1-4A74-AF28-D2E11D171C3D"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.37:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70556AF9-5B9A-4963-AD2B-E59A9524CBD3"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.38:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E4A954-0E1D-4CD9-B5FA-EC3FFC989117"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.39:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE848E64-0D3F-4576-BB63-739F08BBA2DA"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.40:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B72C8C0A-54AF-4725-8BA5-5253F941C328"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.41:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74DFB885-8B4B-4115-8A32-5B1BE2DC0069"
          },
          {
            "criteria": "cpe:2.3:a:phpmanufaktur:kitform:0.42:*:*:*:*:keepintouch:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECFA01F1-2CE8-4996-A77E-C797201B6154"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
