CVE-2014-5089

Status2k - SQL Injection

Title source: rule

Description

SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary SQL commands via the log parameter.

Exploits (1)

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/34239

View Code ZIP pw:eip

References (1)

[Exploit] http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html

Scores

EPSS 0.0087

EPSS Percentile 75.2%

Details

CWE

CWE-89

Status published

Products (1)

status2k/status2k

Published Aug 06, 2014

Tracked Since Feb 18, 2026