CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2935

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile4.59th
PublishedMay 8, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.

Affected Platforms (CPE)

πŸ“¦
Caldera

Caldera

= 9.20

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/693092
πŸ”— http://www.securityfocus.com/bid/67252
πŸ”— http://www.kb.cert.org/vuls/id/693092
πŸ”— http://www.securityfocus.com/bid/67252

Related Vulnerabilities

CVE-2000-037410.0

The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from an...

CVE-2001-018110.0

Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execut...

CVE-2000-037010.0

The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for ...

CVE-2020-199078.8

A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any...