2 matches found
WordPress EasyCart <2.0.6 - Information Disclosure
WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function. id: CVE-2014-4942 info: name: WordPress EasyCart 2.0.6 - Information Disclosur...
CVE-2014-4942
WordPress EasyCart plugin before 2.0.6 expresses an information disclosure flaw. The vulnerability occurs in inc/admin/phpinfo.php, which directly calls phpinfo and allows remote attackers to obtain configuration details. Affected product: WP EasyCart plugin (WordPress) prior to version 2.0.6. Ro...