Knowledgetree : Security vulnerabilities, CVEs published in 2014

CVE-2014-2737

SQL injection vulnerability in the get_active_session function in the KTAPI_UserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the u parameter, related to the getFileName function.

Max CVSS

7.5

EPSS Score

0.29%

Published

2014-04-22

Updated

2018-10-09

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Knowledgetree : Security Vulnerabilities, CVEs, Published In 2014

CVE-2014-2737