Lucene search
Phi Ngoc LePATCHSTACK:11FCC0FCD1C05D0CBD17891216089D35HistoryNov 22, 2014 - 12:00 a.m.
WordPress CM Download Manager Plugin 2.0.0 - Code Injection
2014-11-2200:00:00
Phi Ngoc Le
patchstack.com
6
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Code injection vulnerability was found in the software and confirmed as an anonymous user. It allows an attacker to gain full control of the application and use all operating system functions.
Solution
Update to version 2.0.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| cm download manager | le | 2.0.0 |
References
Related
wpexploit
wpexploit
CM Download Manager <= 2.0.0 - Unauthenticated Code Injection
2014-11-20 00:00:00
zdt
zdt
WordPress CM Download Manager 2.0.0 Code Injection Vulnerability
2014-11-20 00:00:00
wpvulndb
wpvulndb
CM Download Manager <= 2.0.0 - Unauthenticated Code Injection
2014-11-20 00:00:00
securityvulns
securityvulns
exploitpack
exploitpack
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
2014-11-22 00:00:00
cvelist
cvelist
CVE-2014-8877
2014-12-05 18:00:00
openvas
openvas
WordPress CM Download Manager Plugin Remote PHP Code Execution Vulnerability
2014-11-21 00:00:00
prion
prion
Code injection
2014-12-05 18:59:00
packetstorm
packetstorm
WordPress CM Download Manager 2.0.0 Code Injection
2014-11-20 00:00:00
checkpoint_advisories
checkpoint_advisories
WordPress CM Download Manager Code Injection (CVE-2014-8877)
2017-01-30 00:00:00
cve
cve
CVE-2014-8877
2014-12-05 18:59:00
exploitdb
exploitdb
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
2014-11-22 00:00:00
nmap
nmap
http-vuln-cve2014-8877 NSE Script
2015-11-11 17:02:28
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related for PATCHSTACK:11FCC0FCD1C05D0CBD17891216089D35