Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2014-6030

Published: 06/11/2014 Updated: 06/11/2014
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Classapps

Vulnerability Summary

Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET prior to 4.125.002 allow (1) remote malicious users to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or (2) remote authenticated users to execute arbitrary SQL commands via the SurveyID parameter to survey/UploadImagePopupToDb.aspx.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

classapps selectsurvey.net

classapps selectsurvey.net 4.125.000

Exploits

Exploit DB: ClassApps SelectSurvey.net - Multiple SQL Injections
########## # Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurveynet # Google Dork: intitle:SelectSurvey # Date: Sep 03 2014 # Vendor Homepage: wwwclassappscom/ # Software Link: wwwclassappscom/SelectSurveyNETOverviewasp # Version: 4124004 # Tested on: Windows 2008 R2/SQL Server 2008 # CVE: 2014-6030 ####### ...

References

CWE-89http://seclists.org/fulldisclosure/2014/Sep/62http://packetstormsecurity.com/files/128296/ClassApps-SelectSurvey.net-4.124.004-SQL-Injection.htmlhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/34722/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook