Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/693092 | Exploit US Government Resource |
http://www.kb.cert.org/vuls/id/693092 | Exploit US Government Resource |
Configurations
History
21 Nov 2024, 02:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/693092 - Exploit, US Government Resource |
Information
Published : 2014-05-08 10:55
Updated : 2024-11-21 02:07
NVD link : CVE-2014-2934
Mitre link : CVE-2014-2934
CVE.ORG link : CVE-2014-2934
JSON object : View
Products Affected
caldera
- caldera
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')