CVE-2014-8339

CVE-2014-8339

EPSS 2.1%

SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/128909/Nuevolabs-Nuevoplayer-For-Clipshare-SQL-Injection.html https://exchange.xforce.ibmcloud.com/vulnerabilities/98393 http://www.securityfocus.com/archive/1/533847/100/0/threaded http://www.securityfocus.com/bid/70833 http://www.youtube.com/watch?v=_-oOI1LnEdk