Vulnerability Description
A vulnerability, which was classified as critical, has been found in Gimmie Plugin 1.2.2 on vBulletin. This issue affects some unknown processing of the file trigger_referral.php. The manipulation of the argument referrername leads to sql injection. Upgrading to version 1.3.0 is able to address this issue. The identifier of the patch is 7194a09353dd24a274678383a4418f2fd3fce6f7. It is recommended to upgrade the affected component. The identifier VDB-220205 was assigned to this vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gimmie Project | Gimmie | < 1.3.0 |
Related Weaknesses (CWE)
References
- https://github.com/gimmie/vbulletin-v4/commit/7194a09353dd24a274678383a4418f2fd3PatchThird Party Advisory
- https://github.com/gimmie/vbulletin-v4/tree/v1.3.0Release NotesThird Party Advisory
- https://vuldb.com/?ctiid.220205Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.220205Permissions RequiredThird Party Advisory
- https://github.com/gimmie/vbulletin-v4/commit/7194a09353dd24a274678383a4418f2fd3PatchThird Party Advisory
- https://github.com/gimmie/vbulletin-v4/tree/v1.3.0Release NotesThird Party Advisory
- https://vuldb.com/?ctiid.220205Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.220205Permissions RequiredThird Party Advisory
FAQ
What is CVE-2014-125084?
CVE-2014-125084 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability, which was classified as critical, has been found in Gimmie Plugin 1.2.2 on vBulletin. This issue affects some unknown processing of the file trigger_referral.php. The manipulation of ...
How severe is CVE-2014-125084?
CVE-2014-125084 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-125084?
Check the references section above for vendor advisories and patch information. Affected products include: Gimmie Project Gimmie.