Loading
Generated remediation guidance and an executive summary. No account required.
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
Use CWE-89, Openwebanalytics vendor hub and Open Web Analytics product page to widen CVE-2014-1206 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2022-24637, CVE-2014-2294 and CVE-2014-1457 for nearby disclosures in the same product family.