Description WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attack via the (1) js or (2) cat parameter. Remediation References CVE-2014-5114 Related Vulnerabilities qdPM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-11814) Magento Cryptographic Issues Vulnerability (CVE-2019-7860) WordPress Plugin Simple Slide Show TimThumb Arbitrary File Upload (1.0) Oracle Database Server Improper Input Validation Vulnerability (CVE-2016-2381) WordPress Plugin OPS Old Post Spinner 'ops_file' Parameter Local File Include (2.2.1) Severity High Classification CVE-2014-5114 Tags Missing Update Known Vulnerabilities