risheesh debutsav sql injection

A vulnerability, which was classified as critical, has been found in risheesh debutsav. This issue affects some unknown processing. The manipulation leads to sql injection. The CWE definition for the vulnerability is CWE-89. The weakness was shared 01/16/2023 as 7a8430df79277c613449262201cc792db894fc76. It is possible to read the advisory at github.com. The identification of this vulnerability is CVE-2014-125081. The attack needs to be done within the local network. There are no technical details available. There is no exploit available. The pricing for an exploit might be around USD $0-$5k at the moment. The attack technique deployed by this issue is T1505 according to MITRE ATT&CK. It is declared as not defined. We expect the 0-day to have been worth approximately $0-$5k. The patch is named 7a8430df79277c613449262201cc792db894fc76. The bugfix is ready for download at github.com. It is recommended to apply a patch to fix this issue. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

Field01/17/2023 00:0002/09/2023 09:0802/09/2023 09:10
vendorrisheeshrisheeshrisheesh
namedebutsavdebutsavdebutsav
cwe89 (sql injection)89 (sql injection)89 (sql injection)
risk222
cvss3_vuldb_acLLL
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
identifier7a8430df79277c613449262201cc792db894fc767a8430df79277c613449262201cc792db894fc767a8430df79277c613449262201cc792db894fc76
urlhttps://github.com/risheesh/debutsav/commit/7a8430df79277c613449262201cc792db894fc76https://github.com/risheesh/debutsav/commit/7a8430df79277c613449262201cc792db894fc76https://github.com/risheesh/debutsav/commit/7a8430df79277c613449262201cc792db894fc76
namePatchPatchPatch
patch_name7a8430df79277c613449262201cc792db894fc767a8430df79277c613449262201cc792db894fc767a8430df79277c613449262201cc792db894fc76
patch_urlhttps://github.com/risheesh/debutsav/commit/7a8430df79277c613449262201cc792db894fc76https://github.com/risheesh/debutsav/commit/7a8430df79277c613449262201cc792db894fc76https://github.com/risheesh/debutsav/commit/7a8430df79277c613449262201cc792db894fc76
advisoryquoteFixed sqli in sqlite3Fixed sqli in sqlite3Fixed sqli in sqlite3
cveCVE-2014-125081CVE-2014-125081CVE-2014-125081
responsibleVulDBVulDBVulDB
date1673823600 (01/16/2023)1673823600 (01/16/2023)1673823600 (01/16/2023)
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_avAAA
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_eXXX
cvss2_vuldb_basescore5.25.25.2
cvss2_vuldb_tempscore4.54.54.5
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.35.35.3
cvss3_meta_basescore5.55.56.9
cvss3_meta_tempscore5.35.36.9
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1673823600 (01/16/2023)1673823600 (01/16/2023)
cve_nvd_summaryA vulnerability, which was classified as critical, has been found in risheesh debutsav. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is 7a8430df79277c613449262201cc792db894fc76. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218459.A vulnerability, which was classified as critical, has been found in risheesh debutsav. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is 7a8430df79277c613449262201cc792db894fc76. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218459.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avA
cvss2_nvd_acL
cvss2_nvd_auS
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss3_cna_avA
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaVulDB
cvss2_nvd_basescore5.2
cvss3_nvd_basescore9.8
cvss3_cna_basescore5.5

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!