Vulnerability CVE-2014-9242

Vulnerability CVE-2014-9242

Published: 2014-12-03 Modified: 2014-12-04

Description:

	Topic	Author	Date
Med.	WebsiteBaker 2.8.3 XSS / SQL Injection / HTTP Response Splitting	Manuel Garcia Ca...	18.11.2014

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Websitebaker -> Websitebaker

http://seclists.org/fulldisclosure/2014/Nov/44

http://packetstormsecurity.com/files/129140/WebsiteBaker-2.8.3-XSS-SQL-Injection-HTTP-Response-Splitting.html