CVE-2014-8339 Information

Description

SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.

Reference

http://packetstormsecurity.com/files/128909/Nuevolabs-Nuevoplayer-For-Clipshare-SQL-Injection.html http://www.securityfocus.com/archive/1/533847/100/0/threaded http://www.securityfocus.com/bid/70833 http://www.youtube.com/watch?v=_-oOI1LnEdk https://exchange.xforce.ibmcloud.com/vulnerabilities/98393