Vulnerability Database

296,213

Total vulnerabilities in the database

CVE-2014-6633

The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the webdav module or (2) the formula field in the price_list module.

  • Published: Apr 12, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-6633
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9
  • AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

OWASP TOP 10:

Software From Fixed in
tryton / tryton 2.4.0 2.4.15
tryton / tryton 2.6.0 2.6.14
tryton / tryton 2.8.0 2.8.11
tryton / tryton 3.0.0 3.0.7
tryton / tryton 3.2.0 3.2.3