Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2014-7178

Published: 28/11/2014 Updated: 17/12/2014
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Enalean

Vulnerability Summary

Enalean Tuleap prior to 7.5.99.6 allows remote malicious users to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.

Vulnerable Product Search on Vulmon Subscribe to Product

enalean tuleap

Exploits

Exploit DB: Enalean Tuleap 7.4.99.5 - Remote Command Execution
Vulnerability title: Tuleap <= 74995 Remote Command Execution in Enalean Tuleap CVE: CVE-2014-7178 Vendor: Enalean Product: Tuleap Affected version: 74995 and earlier Fixed version: 75 Reported by: Jerzy Kramarz Details: Tuleap does not validate the syntax of the requests submitted to SVN handler pages in order to validate weather reque ...
Exploit DB: Tuleap 7.4.99.5 Remote Command Execution
Enalean Tuleap versions 74995 and below suffer from a remote command execution vulnerability ...

References

CWE-20http://seclists.org/fulldisclosure/2014/Oct/121https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7178/https://www.tuleap.org/recent-vulnerabilitieshttps://nvd.nist.govhttps://www.exploit-db.com/exploits/35100/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook