SQL Injection Vulnerability in Xerox DocuShare Products
CVE-2014-3138

Currently unrated

Key Information:

Vendor

Xerox
Status
Docushare
Vendor
CVE Published:
2 May 2014

What is CVE-2014-3138?

An SQL injection flaw exists in Xerox DocuShare, enabling authenticated remote users to execute arbitrary SQL commands through malicious requests. This vulnerability specifically arises from improper validation of input data within the PATH_INFO variable, affecting various versions of the platform. Exploiting this flaw may allow an attacker to manipulate or retrieve sensitive data directly from the database, posing a serious threat to the integrity and confidentiality of stored information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.xerox.com/download/security/security-bulletin/...
x_refsource_MISC
http://www.exploit-db.com/exploits/32886
exploitx_refsource_EXPLOIT-DB
http://www.osvdb.org/105972
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.