CVE-2014-2934

Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2014-05-08 06:55:04.000-04
Last Modified2014-07-01 01:57:09.000-04

Vulnerable Software List

VendorProductVersions
Caldera Caldera 9.20

References

SourceLink
CERT-VNVU#693092