2 matches found
CVE-2014-3114
The CVE-2014-3114 entry concerns the EZPZ One Click Backup WordPress plugin (versions 12.03.10 and earlier). Affects the PHP script ezpz-archive-cmd.php, where the cmd parameter can be exploited to execute arbitrary commands, resulting in unauthenticated remote command execution. Multiple sources...
EZPZ One Click Backup Plugin for WordPress 'cmd' Parameter Remote Command Execution
The EZPZ One Click Backup Plugin for WordPress installed on the remote host is affected by a remote command execution vulnerability due to a failure to properly sanitize user-supplied input to the 'cmd' parameter in the ezpz-archive-cmd.php script. An unauthenticated, remote attacker can exploit...