Vulnerability Description
A vulnerability, which was classified as critical, was found in License to Kill. This affects an unknown part of the file models/injury.rb. The manipulation of the argument name leads to sql injection. The patch is named cd11cf174f361c98e9b1b4c281aa7b77f46b5078. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217191.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| License To Kill Project | License To Kill | < 2014-05-01 |
Related Weaknesses (CWE)
References
- https://github.com/elizabrock/license-to-kill/commit/cd11cf174f361c98e9b1b4c281aPatchThird Party Advisory
- https://vuldb.com/?ctiid.217191Third Party Advisory
- https://vuldb.com/?id.217191Third Party Advisory
- https://github.com/elizabrock/license-to-kill/commit/cd11cf174f361c98e9b1b4c281aPatchThird Party Advisory
- https://vuldb.com/?ctiid.217191Third Party Advisory
- https://vuldb.com/?id.217191Third Party Advisory
FAQ
What is CVE-2014-125037?
CVE-2014-125037 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability, which was classified as critical, was found in License to Kill. This affects an unknown part of the file models/injury.rb. The manipulation of the argument name leads to sql injection...
How severe is CVE-2014-125037?
CVE-2014-125037 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-125037?
Check the references section above for vendor advisories and patch information. Affected products include: License To Kill Project License To Kill.