Lucene search
HistoryMay 22, 2014 - 3:13 p.m.
CVE-2014-3783
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.2%
SQL injection vulnerability in admin/categories.php in Dotclear before 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categories_order parameter.
Affected configurations
Node
dotcleardotclearRange≤2.6.2
ORdotcleardotclearMatch1.2.1
ORdotcleardotclearMatch1.2.2
ORdotcleardotclearMatch1.2.3
ORdotcleardotclearMatch1.2.4
ORdotcleardotclearMatch1.2.5
ORdotcleardotclearMatch1.2.6
ORdotcleardotclearMatch1.2.7
ORdotcleardotclearMatch1.2.8
ORdotcleardotclearMatch2.0
ORdotcleardotclearMatch2.0beta_2
ORdotcleardotclearMatch2.0beta_3
ORdotcleardotclearMatch2.0beta_4
ORdotcleardotclearMatch2.0beta_5.2
ORdotcleardotclearMatch2.0beta_5.4
ORdotcleardotclearMatch2.0beta_6
ORdotcleardotclearMatch2.0beta_7
ORdotcleardotclearMatch2.0rc1
ORdotcleardotclearMatch2.0rc2
ORdotcleardotclearMatch2.0.1
ORdotcleardotclearMatch2.0.2
ORdotcleardotclearMatch2.1
ORdotcleardotclearMatch2.1.1
ORdotcleardotclearMatch2.1.3
ORdotcleardotclearMatch2.1.4
ORdotcleardotclearMatch2.1.5
ORdotcleardotclearMatch2.1.6
ORdotcleardotclearMatch2.1.7
ORdotcleardotclearMatch2.2
ORdotcleardotclearMatch2.2.1
ORdotcleardotclearMatch2.2.2
ORdotcleardotclearMatch2.2.3
ORdotcleardotclearMatch2.3.0
ORdotcleardotclearMatch2.3.1
ORdotcleardotclearMatch2.4.2
ORdotcleardotclearMatch2.4.3
ORdotcleardotclearMatch2.4.4
ORdotcleardotclearMatch2.5.0
ORdotcleardotclearMatch2.5.1
ORdotcleardotclearMatch2.5.2
ORdotcleardotclearMatch2.5.3
ORdotcleardotclearMatch2.6-
ORdotcleardotclearMatch2.6rc
ORdotcleardotclearMatch2.6.1
Related
cvelist
cvelist
CVE-2014-3783
2014-05-22 15:00:00
packetstorm
packetstorm
Dotclear 2.6.2 SQL Injection
2014-05-22 00:00:00
securityvulns
securityvulns
ubuntucve
ubuntucve
CVE-2014-3783
2014-05-22 00:00:00
prion
prion
Sql injection
2014-05-22 15:13:00
cve
cve
CVE-2014-3783
2014-05-22 15:13:04
openvas
openvas
Dotclear Multiple Vulnerabilities
2014-06-09 00:00:00
zdt
zdt
Dotclear 2.6.2 Multiple Vulnerability
2014-05-25 00:00:00
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.2%
Related for NVD:CVE-2014-3783