CVE-2014-2351

CVE-2014-2351: CSWorks SQL Injection

Vendor Csworks

Product CSWorks

Weakness CWE-89 · SQLi

Published May 20, 2014

Last update October 3, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

Key dates

02Disclosure timeline

May 20, 2014 CVE published

October 3, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2014-2351 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2025-4815 Campcodes Sales and Inventory System supplier_update.php sql injection CVE-2025-32822 CVE-2025-58993 WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability CVE-2026-25606 SQL Injection in STER CVE-2026-45211 WordPress APIExperts Square for WooCommerce plugin <= 4.7.1 - SQL Injection vulnerability