Lucene search
MitreCVELIST:CVE-2014-2996HistoryApr 25, 2014 - 8:00 p.m.
CVE-2014-2996
2014-04-2520:00:00
mitre
www.cve.org
XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have the privileges to execute code. NOTE: this can be leveraged by remote attackers using CVE-2014-2579.
Related
nvd
nvd
CVE-2014-2996
2014-04-25 20:55:03
CVE-2014-2579
2014-04-25 20:55:03
prion
prion
Code injection
2014-04-25 20:55:00
Cross site request forgery (csrf)
2014-04-25 20:55:00
cve
cve
CVE-2014-2996
2014-04-25 20:55:03
CVE-2014-2579
2014-04-25 20:55:03
cvelist
cvelist
CVE-2014-2579
2014-04-25 20:00:00
zdt
zdt
XCloner Standalone 3.5 Cross Site Request Forgery Vulnerability
2014-04-10 00:00:00
packetstorm
packetstorm
XCloner Standalone 3.5 Cross Site Request Forgery
2014-04-09 00:00:00
seebug
seebug
XCloner Standalone跨站请求伪造漏洞
2014-04-17 00:00:00
htbridge
htbridge
Сross-Site Request Forgery (CSRF) in XCloner Standalone
2014-03-14 00:00:00
exploitpack
exploitpack
XCloner Standalone 3.5 - Cross-Site Request Forgery
2014-04-10 00:00:00
patchstack
patchstack
WordPress XCloner Standalone Plugin <= 3.5 - Multiple CSRF
2014-03-21 00:00:00
securityvulns
securityvulns
Сross-Site Request Forgery (CSRF) in XCloner Standalone
2014-05-04 00:00:00
wpvulndb
wpvulndb
XCloner - Backup and Restore < 3.1.1 - Multiple Actions CSRF
2014-08-01 00:00:00
exploitdb
exploitdb
XCloner Standalone 3.5 - Cross-Site Request Forgery
2014-04-10 00:00:00