Description

SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote attackers to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.

Remediation

References

CVE-2014-8083

Related Vulnerabilities

Drupal Other Vulnerability (CVE-2005-2106)

Oracle Database Server Other Vulnerability (CVE-2001-1041)

WordPress Plugin Event List PHP Object Injection (0.7.10)

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32566)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.0.4)

Severity

High

Classification

CVE-2014-8083 CWE-138

Tags

Missing Update Known Vulnerabilities