CVE-2014-9242

2022-10-0316:20:40

mitre

www.cve.org

sql injection

websitebaker

remote attack

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.0%

JSON

SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.

References

packetstormsecurity.com/files/129140/WebsiteBaker-2.8.3-XSS-SQL-Injection-HTTP-Response-Splitting.html

seclists.org/fulldisclosure/2014/Nov/44