Vulnerability CVE-2014-5140

Vulnerability CVE-2014-5140

Published: 2020-01-03

Description:

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.5/10	6.4/10	8/10

Affected software
Loadedcommerce -> Loaded7

http://packetstormsecurity.com/files/128183/Loaded-Commerce-7-Shopping-Cart-SQL-Injection.html

http://resources.infosecinstitute.com/exploiting-systemic-query-vulnerabilities-attempt-re-invent-pdo/

http://www.exploit-db.com/exploits/34552

https://exchange.xforce.ibmcloud.com/vulnerabilities/95791

https://github.com/loadedcommerce/loaded7/pull/520