cbcvebase.
CVE-2014-9220
published 2014-12-03

CVE-2014-9220: SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone…

PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.07%
79.0th percentile
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.

Affected

10 ranges
VendorProductVersion rangeFixed in
fedoraprojectfedora
opensuseopensuse
openvasopenvas_manager<= 4.0.5
openvasopenvas_manager
openvasopenvas_manager
openvasopenvas_manager
openvasopenvas_manager
openvasopenvas_manager
openvasopenvas_manager
openvasopenvas_manager
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.