A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-10T14:06:02
Updated: 2024-08-06T11:34:37.373Z
Reserved: 2014-07-24T00:00:00
Link: CVE-2014-5086
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-02-10T15:15:19.120
Modified: 2021-09-09T13:38:05.480
Link: CVE-2014-5086
Redhat
No data.