CVE-2014-100012

Sendy - SQL Injection

Title source: rule
STIX 2.1

Description

SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Hurley · textwebappsphp
https://www.exploit-db.com/exploits/31898

References (1)

Core 1
Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/31898

Scores

EPSS 0.0025
EPSS Percentile 47.8%

Details

CWE
CWE-89
Status published
Products (1)
sendy/sendy 1.1.8.4
Published Jan 13, 2015
Tracked Since Feb 18, 2026