CyberSec.Space Logo
Back to CVE Browser

CVE-2014-8340

HIGH
7.5
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile27.06th
PublishedDec 16, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header.

Affected Platforms (CPE)

πŸ“¦
Zoneo Soft

Phptraffica

<= 2.2.1

References & Advisories

πŸ”— http://packetstormsecurity.com/files/129445/phpTrafficA-2.3-SQL-Injection.html
πŸ”— http://www.securityfocus.com/archive/1/534184/100/0/threaded
πŸ”— http://packetstormsecurity.com/files/129445/phpTrafficA-2.3-SQL-Injection.html
πŸ”— http://www.securityfocus.com/archive/1/534184/100/0/threaded

Related Vulnerabilities

CVE-2007-364710.0

The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and...

CVE-2007-34287.5

Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow remote attackers to have an unknown impact via the file par...

CVE-2007-10767.5

Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitra...

CVE-2007-34277.5

SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL command...