CVE-2014-5193 in Sphiderinfo

Summary

Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector is already covered by CVE-2014-5082.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

08/07/2014

Disclosure

08/07/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
70575Sphider cross site scripting79Proof-of-ConceptNot definedCVE-2014-5193

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!