mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
132 lines
4.4 KiB
JSON
132 lines
4.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2014-1636",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4) admin_terms.php, (5) admin_school_years.php, (6) admin_sgrades.php, (7) admin_media_codes_1.php, (8) admin_infraction_codes.php, (9) admin_generations.php, (10) admin_relations.php, (11) admin_titles.php, or (12) health_allergies.php in sw/."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "101879",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101879"
|
|
},
|
|
{
|
|
"name": "101884",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101884"
|
|
},
|
|
{
|
|
"name": "101883",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101883"
|
|
},
|
|
{
|
|
"name": "101885",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101885"
|
|
},
|
|
{
|
|
"name": "101874",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101874"
|
|
},
|
|
{
|
|
"name": "101881",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101881"
|
|
},
|
|
{
|
|
"name": "101878",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101878"
|
|
},
|
|
{
|
|
"name": "commandschool-id-sql-injection(90175)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90175"
|
|
},
|
|
{
|
|
"name": "101877",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101877"
|
|
},
|
|
{
|
|
"name": "64707",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/64707"
|
|
},
|
|
{
|
|
"name": "101880",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101880"
|
|
},
|
|
{
|
|
"name": "101882",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101882"
|
|
},
|
|
{
|
|
"name": "101876",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101876"
|
|
},
|
|
{
|
|
"name": "http://packetstormsecurity.com/files/124708/Command-School-Student-Management-System-1.06.01-SQL-Injection-CSRF-XSS.html",
|
|
"refsource": "MISC",
|
|
"url": "http://packetstormsecurity.com/files/124708/Command-School-Student-Management-System-1.06.01-SQL-Injection-CSRF-XSS.html"
|
|
},
|
|
{
|
|
"name": "101875",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/101875"
|
|
}
|
|
]
|
|
}
|
|
} |