Caldera

Caldera

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2014-2933

  • EPSS 0.21%
  • Published 08.05.2014 10:55:04
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.

7.5

CVE-2014-2934

Exploit
  • EPSS 0.65%
  • Published 08.05.2014 10:55:04
  • Last modified 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.

10

CVE-2014-2935

  • EPSS 1.53%
  • Published 08.05.2014 10:55:04
  • Last modified 12.04.2025 10:46:40

costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.

7.5

CVE-2014-2936

Exploit
  • EPSS 0.39%
  • Published 08.05.2014 10:55:04
  • Last modified 12.04.2025 10:46:40

The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.ph...