CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-10013

HIGH
7.5
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile23.94th
Published2015年1月13日
Last Modified2026年5月6日

Vulnerability Description

SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.

Affected Platforms (CPE)

📦
Strategy11

Awp Classifieds

= 3.3.1

References & Advisories

🔗 http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html
🔗 http://www.exploit-db.com/exploits/35204
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/98589
🔗 http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html
🔗 http://www.exploit-db.com/exploits/35204
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/98589

相關漏洞威脅

CVE-2026-395337.5

Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.

CVE-2014-718610.0

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service ...

CVE-2014-718710.0

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a ...

CVE-2014-844610.0

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code...