CVE-2014-125051 MEDIUM

CVE-2014-125051: himiklab yii2-jqgrid-widget JqGridAction.php addSearchOptionsRecursively sql injection

Vendor Himiklab
Product yii2-jqgrid-widget
Weakness CWE-89 · SQLi
Published January 6, 2023
Last update August 6, 2024
View on NVD All CVEs

CVSS base score

5.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in himiklab yii2-jqgrid-widget up to 1.0.7. It has been declared as critical. This vulnerability affects the function addSearchOptionsRecursively of the file JqGridAction.php. The manipulation leads to sql injection. Upgrading to version 1.0.8 is able to address this issue. The name of the patch is a117e0f2df729e3ff726968794d9a5ac40e660b9. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217564.

Key dates

02Disclosure timeline

January 6, 2023 CVE published
August 6, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-4781 PHPGurukul Park Ticketing Management System forgot-password.php sql injection CVE-2022-3012 oretnom23 Fast Food Ordering System index.php sql injection CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107 CVE-2025-10310 Rich Snippet Site Report <= 2.0.0105 - Authenticated (Admin+) SQL Injection CVE-2024-10299 PHPGurukul Medical Card Generation System Managecard View Detail Page view-card-detail.php sql injection