CVE-2014-3783

NONE EPSS 73.9%
Published May 22, 201412y ago · Modified Jun 17, 20262w ago
Find Similar
Published May 22, 2014 12y ago
Last Modified Jun 17, 2026 2w ago

Description

SQL injection vulnerability in admin/categories.php in Dotclear before 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categories_order parameter.

Threat Intelligence

EPSS Exploit Probability
73.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-89 SQL Injection Injection

Affected Products 44

VendorProductVersionRange
dotcleardotclear* ≤2.6.2
dotcleardotclear1.2.1any
dotcleardotclear1.2.2any
dotcleardotclear1.2.3any
dotcleardotclear1.2.4any
dotcleardotclear1.2.5any
dotcleardotclear1.2.6any
dotcleardotclear1.2.7any
dotcleardotclear1.2.8any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0any
dotcleardotclear2.0.1any
dotcleardotclear2.0.2any
dotcleardotclear2.1any
dotcleardotclear2.1.1any
dotcleardotclear2.1.3any
dotcleardotclear2.1.4any
dotcleardotclear2.1.5any
dotcleardotclear2.1.6any
dotcleardotclear2.1.7any
dotcleardotclear2.2any
dotcleardotclear2.2.1any
dotcleardotclear2.2.2any
dotcleardotclear2.2.3any
dotcleardotclear2.3.0any
dotcleardotclear2.3.1any
dotcleardotclear2.4.2any
dotcleardotclear2.4.3any
dotcleardotclear2.4.4any
dotcleardotclear2.5.0any
dotcleardotclear2.5.1any
dotcleardotclear2.5.2any
dotcleardotclear2.5.3any
dotcleardotclear2.6any
dotcleardotclear2.6any
dotcleardotclear2.6.1any

References 5

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.