Lucene search
MitreCVE-2014-7959HistoryNov 06, 2014 - 3:55 p.m.
CVE-2014-7959
2014-11-0615:55:08
CWE-89
mitre
web.nvd.nist.gov
30
cve
2014
7959
sql injection
admin
htaccess
bpsunlock.php
bulletproof security
wordpress
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.1
Confidence
Low
EPSS
0.003
Percentile
69.1%
SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter.
Affected configurations
Node
ait-probulletproof_securityMatch.44wordpress
ORait-probulletproof_securityMatch.44.1wordpress
ORait-probulletproof_securityMatch.45wordpress
ORait-probulletproof_securityMatch.45.1wordpress
ORait-probulletproof_securityMatch.45.2wordpress
ORait-probulletproof_securityMatch.45.3wordpress
ORait-probulletproof_securityMatch.45.4wordpress
ORait-probulletproof_securityMatch.45.5wordpress
ORait-probulletproof_securityMatch.45.6wordpress
ORait-probulletproof_securityMatch.45.7wordpress
ORait-probulletproof_securityMatch.45.8wordpress
ORait-probulletproof_securityMatch.45.9wordpress
ORait-probulletproof_securityMatch.46wordpress
ORait-probulletproof_securityMatch.46.1wordpress
ORait-probulletproof_securityMatch.46.2wordpress
ORait-probulletproof_securityMatch.46.3wordpress
ORait-probulletproof_securityMatch.46.4wordpress
ORait-probulletproof_securityMatch.46.5wordpress
ORait-probulletproof_securityMatch.46.6wordpress
ORait-probulletproof_securityMatch.46.7wordpress
ORait-probulletproof_securityMatch.46.8wordpress
ORait-probulletproof_securityMatch.46.9wordpress
ORait-probulletproof_securityMatch.47wordpress
ORait-probulletproof_securityMatch.47.1wordpress
ORait-probulletproof_securityMatch.47.2wordpress
ORait-probulletproof_securityMatch.47.3wordpress
ORait-probulletproof_securityMatch.47.4wordpress
ORait-probulletproof_securityMatch.47.5wordpress
ORait-probulletproof_securityMatch.47.6wordpress
ORait-probulletproof_securityMatch.47.7wordpress
ORait-probulletproof_securityMatch.47.8wordpress
ORait-probulletproof_securityMatch.47.9wordpress
ORait-probulletproof_securityMatch.48wordpress
ORait-probulletproof_securityMatch.48.1wordpress
ORait-probulletproof_securityMatch.48.2wordpress
ORait-probulletproof_securityMatch.48.3wordpress
ORait-probulletproof_securityMatch.48.4wordpress
ORait-probulletproof_securityMatch.48.5wordpress
ORait-probulletproof_securityMatch.48.6wordpress
ORait-probulletproof_securityMatch.48.7wordpress
ORait-probulletproof_securityMatch.48.8wordpress
ORait-probulletproof_securityMatch.48.9wordpress
ORait-probulletproof_securityMatch.49wordpress
ORait-probulletproof_securityMatch.49.1wordpress
ORait-probulletproof_securityMatch.49.2wordpress
ORait-probulletproof_securityMatch.49.3wordpress
ORait-probulletproof_securityMatch.49.4wordpress
ORait-probulletproof_securityMatch.49.5wordpress
ORait-probulletproof_securityMatch.49.6wordpress
ORait-probulletproof_securityMatch.49.7wordpress
ORait-probulletproof_securityMatch.49.8wordpress
ORait-probulletproof_securityMatch.49.9wordpress
ORait-probulletproof_securityMatch.50wordpress
ORait-probulletproof_securityMatch.50.1wordpress
ORait-probulletproof_securityMatch.50.2wordpress
ORait-probulletproof_securityMatch.50.3wordpress
ORait-probulletproof_securityMatch.50.4wordpress
ORait-probulletproof_securityMatch.50.5wordpress
ORait-probulletproof_securityMatch.50.6wordpress
ORait-probulletproof_securityMatch.50.7wordpress
ORait-probulletproof_securityMatch.50.8wordpress
ORait-probulletproof_securityMatch.50.9wordpress
ORait-probulletproof_securityMatch.51wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ait-pro | bulletproof_security | .44 | cpe:2.3:a:ait-pro:bulletproof_security:.44:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .44.1 | cpe:2.3:a:ait-pro:bulletproof_security:.44.1:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45 | cpe:2.3:a:ait-pro:bulletproof_security:.45:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.1 | cpe:2.3:a:ait-pro:bulletproof_security:.45.1:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.2 | cpe:2.3:a:ait-pro:bulletproof_security:.45.2:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.3 | cpe:2.3:a:ait-pro:bulletproof_security:.45.3:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.4 | cpe:2.3:a:ait-pro:bulletproof_security:.45.4:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.5 | cpe:2.3:a:ait-pro:bulletproof_security:.45.5:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.6 | cpe:2.3:a:ait-pro:bulletproof_security:.45.6:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.7 | cpe:2.3:a:ait-pro:bulletproof_security:.45.7:*:*:*:*:wordpress:*:* |
Related
nvd
nvd
CVE-2014-7959
2014-11-06 15:55:08
prion
prion
Sql injection
2014-11-06 15:55:00
cvelist
cvelist
CVE-2014-7959
2014-11-06 15:00:00
patchstack
patchstack
WordPress BulletProof Security Plugin <= .51 - SQL Injection
2014-10-07 00:00:00
securityvulns
securityvulns
Wordpress bulletproof-security <=.51 multiple vulnerabilities
2014-12-01 00:00:00
wpvulndb
wpvulndb
BulletProof Security <= .51 - Multiple Vulnerabilities (XSS & SSRF)
2014-11-05 00:00:00
zdt
zdt
WordPress Bulletproof-Security .51 Multiple Vulnerabilities
2014-11-06 00:00:00
packetstorm
packetstorm
WordPress Bulletproof-Security .51 XSS / SQL Injection / SSRF
2014-11-05 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.1
Confidence
Low
EPSS
0.003
Percentile
69.1%
Related for CVE-2014-7959