| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-2934 | 7.5 |
Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.
|
01-07-2014 - 17:57 | 08-05-2014 - 10:55 | |
| CVE-2014-2933 | 5.0 |
Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.
|
01-07-2014 - 17:56 | 08-05-2014 - 10:55 | |
| CVE-2014-2936 | 7.5 |
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.ph
|
16-05-2014 - 04:26 | 08-05-2014 - 10:55 | |
| CVE-2014-2935 | 10.0 |
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
|
16-05-2014 - 04:26 | 08-05-2014 - 10:55 |