cvelist/2014/8xxx/CVE-2014-8351.json

{
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-8351",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "cookieviz-cve20148351-sql-injection(98454)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98454"
            },
            {
                "name": "https://github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2",
                "refsource": "CONFIRM",
                "url": "https://github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2"
            },
            {
                "name": "20141103 CNIL CookieViz XSS + SQL injection leading to user pwnage",
                "refsource": "FULLDISC",
                "url": "http://seclists.org/fulldisclosure/2014/Nov/3"
            },
            {
                "name": "http://packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.html",
                "refsource": "MISC",
                "url": "http://packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.html"
            }
        ]
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-17 23:53:09 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "cve@mitre.org",`
			`"ID": "CVE-2014-8351",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "n/a",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-17 23:53:09 +00:00			`"lang": "eng",`
			`"value": "SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter."`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
"-Synchronized-Data." 2019-03-17 23:53:09 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "cookieviz-cve20148351-sql-injection(98454)",`
			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98454"`
			`},`
			`{`
			`"name": "https://github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2",`
			`"refsource": "CONFIRM",`
			`"url": "https://github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2"`
			`},`
			`{`
			`"name": "20141103 CNIL CookieViz XSS + SQL injection leading to user pwnage",`
			`"refsource": "FULLDISC",`
			`"url": "http://seclists.org/fulldisclosure/2014/Nov/3"`
			`},`
			`{`
			`"name": "http://packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.html",`
			`"refsource": "MISC",`
			`"url": "http://packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.html"`
			`}`
			`]`
			`}`
			`}`