2 matches found
CVE-2014-8607
The CVE-2014-8607 entry concerns the XCloner Backup and Restore plugin for WordPress (3.1.1) and Joomla (3.5.1). The public description states that the plugin exposes the MySQL username and password on the command line, enabling local users to read sensitive information via the ps command. Connec...
Xloner v3.1.2 wordpress plugin authenticated command execution and XSS
This advisory is in addition to the one I filed in November http://www.openwall.com/lists/oss-security/2014/11/06/1 that had the following CVEs assigned CVE-2014-8603 CVE-2014-8604 CVE-2014-8605 CVE-2014-8606 CVE-2014-8607, advisory http://www.vapid.dhs.org/advisory.php?v=110. Title: Xloner v3.1....