Vulnerability Description
A vulnerability was found in himiklab yii2-jqgrid-widget up to 1.0.7. It has been declared as critical. This vulnerability affects the function addSearchOptionsRecursively of the file JqGridAction.php. The manipulation leads to sql injection. Upgrading to version 1.0.8 is able to address this issue. The name of the patch is a117e0f2df729e3ff726968794d9a5ac40e660b9. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217564.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yii2-Jqgrid-Widget Project | Yii2-Jqgrid-Widget | < 1.0.8 |
Related Weaknesses (CWE)
References
- https://github.com/himiklab/yii2-jqgrid-widget/commit/a117e0f2df729e3ff726968794PatchThird Party Advisory
- https://github.com/himiklab/yii2-jqgrid-widget/releases/tag/1.0.8Third Party Advisory
- https://vuldb.com/?ctiid.217564Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.217564Permissions RequiredThird Party Advisory
- https://github.com/himiklab/yii2-jqgrid-widget/commit/a117e0f2df729e3ff726968794PatchThird Party Advisory
- https://github.com/himiklab/yii2-jqgrid-widget/releases/tag/1.0.8Third Party Advisory
- https://vuldb.com/?ctiid.217564Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.217564Permissions RequiredThird Party Advisory
FAQ
What is CVE-2014-125051?
CVE-2014-125051 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability was found in himiklab yii2-jqgrid-widget up to 1.0.7. It has been declared as critical. This vulnerability affects the function addSearchOptionsRecursively of the file JqGridAction.php...
How severe is CVE-2014-125051?
CVE-2014-125051 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-125051?
Check the references section above for vendor advisories and patch information. Affected products include: Yii2-Jqgrid-Widget Project Yii2-Jqgrid-Widget.