| |
Vulnerability CVE-2014-5138
Published: 2020-01-14
Description: |
Innovative Interfaces Sierra Library Services Platform 1.2_3 does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass parameter validation via unspecified vectors, possibly related to the Webpac Pro submodule. |
See advisories in our WLB2 database: | Topic | Author | Date |
Low |
| CAaNES | 30.08.2014 |
Type:
NVD-CWE-Other
CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://packetstormsecurity.com/files/128053/Sierra-Library-Services-Platform-1.2_3-XSS-Enumeration.html
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|