SQL Injection Vulnerability in WebsiteBaker by WebsiteBaker
CVE-2014-9242

Currently unrated

Key Information:

Vendor: Websitebaker
Status: Websitebaker
Vendor: CVE Published:; 3 December 2014

🔔 Create Websitebaker Vulnerability Alert

What is CVE-2014-9242?

A SQL injection vulnerability exists in admin/pages/modify.php of WebsiteBaker 2.8.3. This flaw allows remote attackers to execute arbitrary SQL commands by manipulating the page_id parameter. Successful exploitation can lead to unauthorized access to the database, data leakage, or even complete control over the web application if the attacker is able to escalate their privileges. It is essential for users of this version to implement security patches and fortify their systems to mitigate potential attacks.

References

http://packetstormsecurity.com/files/129140/WebsiteBaker-...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Nov/44

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 3, 2014

JSON