Ellislab

ellislab

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Expressionengine

expressionengine

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-5387 2Ellislab Expressionengine 2Expressionengine Expressionengine May 6, 2026 Nov 4, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.ph...Show more Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.php or the (3) tbl_sort[0][] parameter in the comment module to system/index.php.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2014-5387

2Ellislab

Expressionengine

2Expressionengine

Expressionengine

May 6, 2026

Nov 4, 2014

N/A· v4

N/A· v3

6.5 MEDIUM· v2

Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.ph...Show more