How severe is CVE-2014-125059?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2014-125059?

This is classified as CWE-73, which is a common weakness in software security.

CVE-2014-125059

CRITICAL Year: 2014

CVSS v3 Score

9.8

Critical

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-73

View all →

Vulnerability Description

A vulnerability, which was classified as problematic, has been found in sternenseemann sternenblog. This issue affects the function blog_index of the file main.c. The manipulation of the argument post_path leads to file inclusion. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 0.1.0 is able to address this issue. The identifier of the patch is cf715d911d8ce17969a7926dea651e930c27e71a. It is recommended to upgrade the affected component. The identifier VDB-217613 was assigned to this vulnerability. NOTE: This case is rather theoretical and probably won't happen. Maybe only on obscure Web servers.

CVE-2014-125044

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This affects an unknown part of the file index.php. The manipulation of the argument p leads to file inclusion. I...

CWE-732014

CVE-2018-17246

CRITICAL

CVSS:9.8(Critical)

Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to exec...

CWE-732018

CVE-2019-3681

CRITICAL

CVSS:9.8(Critical)

A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Soft...

CWE-732019

CVE-2020-9752

CRITICAL

CVSS:9.8(Critical)

Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.

CWE-732020

CVE-2021-38477

CRITICAL

CVSS:9.8(Critical)

There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files.

CWE-732021

CVE-2022-39952

CRITICAL

CVSS:9.8(Critical)

A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5...

CWE-732022

CVE-2014-125059

Vulnerability Description

Related Vulnerabilities

CVE-2014-125044

CVE-2018-17246

CVE-2019-3681

CVE-2020-9752

CVE-2021-38477

CVE-2022-39952