CVE-2014-5086
HIGH
8.8
Our Analysis: General Purpose
Our model has classified this vulnerability as relevant to General Purpose Systems, helping your team prioritize efforts effectively.
Published Date
February 10, 2020
Last Modified
November 21, 2024
CVSS Vector
Not Available
Description
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider.