CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-10013

HIGH
7.5
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile23.94th
Published2015年1月13日
Last Modified2026年5月6日

Vulnerability Description

SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.

Affected Platforms (CPE)

📦
Strategy11

Awp Classifieds

= 3.3.1

References & Advisories

🔗 http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html
🔗 http://www.exploit-db.com/exploits/35204
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/98589
🔗 http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html
🔗 http://www.exploit-db.com/exploits/35204
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/98589

相关漏洞威胁

CVE-2026-395337.5

Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...