CVE-2014-5086

Published: 2020-02-10T15:15Z

Last Modified: 2024-11-21T02:11Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt