Caldera 9.20
Approved changes feed: RSS · Atom
cpe:2.3:a:caldera:caldera:9.20:*:*:*:*:*:*:*
part: a version: 9.20 update: *
| Vendor | Caldera (defff65d-8010-5aba-92f2-42fdd576c677) |
|---|---|
| Product | Caldera (72b57693-a42c-50d0-9a71-5183a89d9b5f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/rmitre/caldera |
purl2cpe | 2026-06-01 10:11:38.419341 |
pkg:github/mitre/caldera |
purl2cpe | 2026-06-01 10:11:38.419342 |
pkg:gitlab/kalilinux/caldera |
purl2cpe | 2026-06-01 10:11:38.419344 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-2936 |
vulnerable | 2026-06-03 14:33:52.448487 |
Details available
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php.
Published: 2014-05-08T10:00:00.000Z
Updated: 2024-08-06T10:28:46.333Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2935 |
vulnerable | 2026-06-03 14:33:52.448204 |
Details available
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
Published: 2014-05-08T10:00:00.000Z
Updated: 2024-08-06T10:28:46.248Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2934 |
vulnerable | 2026-06-03 14:33:52.447900 |
Details available
Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.
Published: 2014-05-08T10:00:00.000Z
Updated: 2024-08-06T10:28:46.332Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2933 |
vulnerable | 2026-06-03 14:33:52.447516 |
Details available
Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.
Published: 2014-05-08T10:00:00.000Z
Updated: 2024-08-06T10:28:45.999Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.