Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9457

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2014-9457
Last Modified 05 Jan 2015 06:41:59
Published 02 Jan 2015 03:59:17
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-9457

Summary

SQL injection vulnerability in classes/mono_display.class.php in PMB 4.1.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the id parameter to catalog.php.

Vulnerable Systems

Application

  • Pmb Services Pmb 4.1.3


References

EXPLOIT-DB - 35625


Last Updated: 27 May 2016 10:53:57