Lucene search
MitreCVE-2014-3757HistoryMay 15, 2014 - 2:55 p.m.
CVE-2014-3757
2014-05-1514:55:07
CWE-89
mitre
web.nvd.nist.gov
25
cve-2014-3757
sql injection
phpmanufaktur
kitform
keepintouch
kit
vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.001
Percentile
37.0%
SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.
Affected configurations
Node
phpmanufakturkitformRange≤0.43keepintouch
ORphpmanufakturkitformMatch0.10keepintouch
ORphpmanufakturkitformMatch0.11keepintouch
ORphpmanufakturkitformMatch0.12keepintouch
ORphpmanufakturkitformMatch0.13keepintouch
ORphpmanufakturkitformMatch0.14keepintouch
ORphpmanufakturkitformMatch0.15keepintouch
ORphpmanufakturkitformMatch0.16keepintouch
ORphpmanufakturkitformMatch0.17keepintouch
ORphpmanufakturkitformMatch0.18keepintouch
ORphpmanufakturkitformMatch0.19keepintouch
ORphpmanufakturkitformMatch0.20keepintouch
ORphpmanufakturkitformMatch0.21keepintouch
ORphpmanufakturkitformMatch0.22keepintouch
ORphpmanufakturkitformMatch0.23keepintouch
ORphpmanufakturkitformMatch0.24keepintouch
ORphpmanufakturkitformMatch0.25keepintouch
ORphpmanufakturkitformMatch0.26keepintouch
ORphpmanufakturkitformMatch0.27keepintouch
ORphpmanufakturkitformMatch0.28keepintouch
ORphpmanufakturkitformMatch0.29keepintouch
ORphpmanufakturkitformMatch0.30keepintouch
ORphpmanufakturkitformMatch0.31keepintouch
ORphpmanufakturkitformMatch0.32keepintouch
ORphpmanufakturkitformMatch0.33keepintouch
ORphpmanufakturkitformMatch0.34keepintouch
ORphpmanufakturkitformMatch0.35keepintouch
ORphpmanufakturkitformMatch0.36keepintouch
ORphpmanufakturkitformMatch0.37keepintouch
ORphpmanufakturkitformMatch0.38keepintouch
ORphpmanufakturkitformMatch0.39keepintouch
ORphpmanufakturkitformMatch0.40keepintouch
ORphpmanufakturkitformMatch0.41keepintouch
ORphpmanufakturkitformMatch0.42keepintouch
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpmanufaktur | kitform | * | cpe:2.3:a:phpmanufaktur:kitform:*:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.10 | cpe:2.3:a:phpmanufaktur:kitform:0.10:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.11 | cpe:2.3:a:phpmanufaktur:kitform:0.11:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.12 | cpe:2.3:a:phpmanufaktur:kitform:0.12:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.13 | cpe:2.3:a:phpmanufaktur:kitform:0.13:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.14 | cpe:2.3:a:phpmanufaktur:kitform:0.14:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.15 | cpe:2.3:a:phpmanufaktur:kitform:0.15:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.16 | cpe:2.3:a:phpmanufaktur:kitform:0.16:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.17 | cpe:2.3:a:phpmanufaktur:kitform:0.17:*:*:*:*:keepintouch:*:* |
| phpmanufaktur | kitform | 0.18 | cpe:2.3:a:phpmanufaktur:kitform:0.18:*:*:*:*:keepintouch:*:* |
Related
exploitdb
exploitdb
cvelist
cvelist
CVE-2014-3757
2014-05-15 14:00:00
prion
prion
Sql injection
2014-05-15 14:55:00
nvd
nvd
CVE-2014-3757
2014-05-15 14:55:07
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.001
Percentile
37.0%
Related for CVE-2014-3757