Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-2351

Опубликовано: 20 мая 2014
Источник: nvd
CVSS2: 7.5
CVSS2: 7.5
EPSS Низкий

Описание

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:controlsystemworks:csworks:*:*:*:*:*:*:*:*
Версия до 2.5.5050.0 (включая)
cpe:2.3:a:controlsystemworks:csworks:1.0.601.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.612.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.623.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.720.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.801.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.813.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.901.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.3540.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.3560.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.0.3580.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.1.3600.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.1.3674.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.1.3700.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.2.3730.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.2.3800.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.3820.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.3830.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.3850.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.3860.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.3880.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.3900.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.4.4000.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.7.4050.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:1.7.5000.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.0.4115.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.0.4115.1:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.1.4386.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.1.4560.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.5.4770.0:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.5.4770.1:*:*:*:*:*:*:*
cpe:2.3:a:controlsystemworks:csworks:2.5.4912.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%
0.00464
Низкий

7.5 High

CVSS2

7.5 High

CVSS2

Дефекты

CWE-89
CWE-89

Связанные уязвимости

github логотип

GHSA-hgx2-jcmx-3738

github
больше 3 лет назад

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

EPSS

Процентиль: 64%
0.00464
Низкий

7.5 High

CVSS2

7.5 High

CVSS2

Дефекты

CWE-89
CWE-89