8 matches found
http-vuln-cve2014-8877 NSE Script
Exploits a remote code injection vulnerability CVE-2014-8877 in Wordpress CM Download Manager plugin. Versions = 2.0.0 are known to be affected. CM Download Manager plugin does not correctly sanitise the user input which allows remote attackers to execute arbitrary PHP code via the CMDsearch...
CVE-2014-8877
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP createfunction...
CVE-2014-8877
CM Downloads Manager for WordPress (CreativeMinds) contains a remote PHP code execution vulnerability (CVE-2014-8877) in the alterSearchQuery function of lib/controllers/CmdownloadController.php. The issue allows an attacker to inject PHP code via the CMDsearch parameter sent to cmdownloads/, whe...
CVE-2014-8877
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP createfunction...
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
Vulnerability title: Code Injection in Wordpress CM Download Manager plugin 2.0.0 CVE: CVE-2014-8877 Plugin: CM Download Manager plugin Vendor: CreativeMinds - https://www.cminds.com/ Link download: https://wordpress.org/plugins/cm-download-manager/ Affected version: 2.0.0 and previous version...
WordPress CM Download Manager Plugin Remote PHP Code Execution Vulnerability
The CM Download Manager for WordPress is prone to remote PHP-code execution vulnerability SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress CM Download Manager 2.0.0 Code Injection Vulnerability
WordPress CM Download Manager plugin versions 2.0.0 and below suffer from a code injection vulnerability. Vulnerability title: Code Injection in Wordpress CM Download Manager plugin CVE: CVE-2014-8877 Plugin: CM Download Manager plugin Vendor: CreativeMinds - https://www.cminds.com/ Product:...
WordPress CM Download Manager 2.0.0 Code Injection
Vulnerability title: Code Injection in Wordpress CM Download Manager plugin CVE: CVE-2014-8877 Plugin: CM Download Manager plugin Vendor: CreativeMinds - https://www.cminds.com/ Product: https://wordpress.org/plugins/cm-download-manager/ Affected version: 2.0.0 and previous version Fixed version:...