Lucene search
K

5 matches found

NVD
NVD
added 2014/11/16 11:59 a.m.16 views

CVE-2014-8949

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the i4wtrace parameter. NOTE: this can be leveraged with CVE-2014-8948 to allow remote attackers to execute code. NOTE: it is not clear...

6CVSS7.3AI score0.07513EPSS
Exploits1References5
Prion
Prion
added 2014/11/16 11:59 a.m.19 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote attackers to hijack the authentication of administrators for requests that with an unspecified impact via the i4wtrace parameter. NOTE: this can be leveraged with CVE-2014-89...

6.8CVSS8.2AI score0.03721EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2014/11/16 11:59 a.m.21 views

Code injection

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the i4wtrace parameter. NOTE: this can be leveraged with CVE-2014-8948 to allow remote attackers to execute code. NOTE: it is not clear...

6CVSS7.7AI score0.07513EPSS
Exploits2References5Affected Software1
CVE
CVE
added 2014/11/16 11:0 a.m.47 views

CVE-2014-8948

The CVE-2014-8948 entry concerns the WordPress iMember360 plugin, versions 3.8.012 through 3.9.001. The underlying issue is a Cross-site request forgery (CSRF) that allows remote attackers to hijack the authentication of administrators for requests sent with the i4w_trace parameter. The descripti...

6.8CVSS8.2AI score0.03721EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2014/11/16 11:0 a.m.4 views

EUVD-2014-8776

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the i4wtrace parameter. NOTE: this can be leveraged with CVE-2014-8948 to allow remote attackers to execute code. NOTE: it is not clear...

6.8CVSS7.2AI score0.07513EPSS
Exploits2References5
Rows per page
Query Builder