Lucene search
K

37 matches found

CVE
CVE
added 2018/01/05 4:0 p.m.40 views

CVE-2014-8336

The WP-DBManager WordPress plugin (pre-2.7.2) contains a vulnerability in the Sql Run Query panel that allows remote read of arbitrary files by exploiting insufficient query restriction, demonstrated via LOAD_FILE in an INSERT statement. Affected product: WP-DBManager plugin for WordPress. Impact...

6.5CVSS6.5AI score0.02597EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2018/01/05 4:0 p.m.49 views

CVE-2014-8335

The CVE-2014-8335 entry relates to the WP-DBManager (aka Database Manager) WordPress plugin, affected in versions prior to 2.7.2. The vulnerability affects the files wp-dbmanager.php and database-manage.php, where credentials are placed on the mysqldump command line, enabling local users to obtai...

7.8CVSS7.3AI score0.00529EPSS
Exploits3References6Affected Software1
Cvelist
Cvelist
added 2018/01/05 4:0 p.m.26 views

CVE-2014-8335

1 wp-dbmanager.php and 2 database-manage.php in the WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

7.5AI score0.00529EPSS
Exploits3References6
NVD
NVD
added 2014/10/31 2:55 p.m.23 views

CVE-2014-8334

The WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 $backup'filepath' aka "Path to Backup:" field or 2 $backup'mysqldumppath' variable...

6.5CVSS7.2AI score0.03471EPSS
Exploits3References10
CVE
CVE
added 2014/10/31 2:0 p.m.51 views

CVE-2014-8334

The CVE-2014-8334 issue affects the WordPress WP-DBManager plugin (pre-2.7.2). Vulnerable component: the backup handling code that reads $backup[' filepath'] and $backup['mysqldumppath']; root cause is shell metacharacter handling, enabling remote authenticated users to execute arbitrary commands...

6.5CVSS7.4AI score0.03471EPSS
Exploits3References10Affected Software1
Cvelist
Cvelist
added 2014/10/31 2:0 p.m.32 views

CVE-2014-8334

The WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 $backup'filepath' aka "Path to Backup:" field or 2 $backup'mysqldumppath' variable...

7.2AI score0.03471EPSS
Exploits3References10
Patchstack
Patchstack
added 2014/10/20 12:0 a.m.27 views

WordPress DBManager Plugin <= 2.7.1 - Multiple Vulnerabilities

There are multiple vulnerabilities in this plugin, that allow remote authenticated users to execute arbitrary commands via shell metacharacters in the $backup'filepath' or $backup'mysqldumppath' variable. Solution Update the plugin...

6.5CVSS6.8AI score0.03471EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/10/13 12:0 a.m.27 views

WP-DBManager < 2.7.2 - Authenticated Command Injection

The WP-DBManager WordPress plugin was affected by an Authenticated Command Injection security vulnerability...

6.5CVSS3.1AI score0.03471EPSS
Exploits5References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/04/21 12:0 a.m.12 views

Altiris Deployment Solution < 6.9 SP4 DBManager DoS (SYM10-007)

Binary data 5515.prm...

6.5CVSS7.3AI score0.00854EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/04/21 12:0 a.m.30 views

Altiris Deployment Solution Server < 6.9 SP4 DBManager DoS (SYM10-007)

The version of Altiris Deployment Solution installed on the remote host is reportedly affected by a denial of service vulnerability. The DBManager component has a use-after-free error when processing specially crafted 'CreateSession' and 'PXEManagerSignOn' requests. A remote attacker could exploi...

6.5CVSS6.6AI score0.00854EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/01/08 12:0 a.m.23 views

Altiris Deployment Solution Server < 6.9.430 Multiple Vulnerabilities (SYM09-011)

The version of Altiris Deployment Solution installed on the remote host is reportedly affected by the following vulnerabilities : - DBManager authentication can by bypassed. A remote attacker could exploit this to execute arbitrary database queries. CVE-2009-3107 - The Aclient GUI has a privilege...

9.3CVSS6AI score0.03763EPSS
Exploits0References9
NVD
NVD
added 2009/09/08 11:30 p.m.17 views

CVE-2009-3107

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service...

4.8CVSS7AI score0.00967EPSS
Exploits0References4
Prion
Prion
added 2009/09/08 11:30 p.m.15 views

Authentication flaw

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service...

4.8CVSS7.5AI score0.00967EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2009/09/08 11:0 p.m.32 views

CVE-2009-3107

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service...

6.9AI score0.00967EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2009/09/08 12:0 a.m.5 views

PT-2009-5434 · Symantec · Symantec Altiris Deployment Solution

Name of the Vulnerable Software and Affected Versions: Symantec Altiris Deployment Solution versions 6.9.x before 6.9 SP3 Build 430 Description: The issue is related to improper access restriction to the listening port for the DBManager service. This allows remote attackers to bypass authenticati...

4.8CVSS6.8AI score0.00967EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2003/05/10 12:0 a.m.14 views

DBTools DBManager catalog.mdb Plaintext Local Credential Disclosure

The remote host is running DBManager from DBTool - a GUI to manage MySQL and PostgreSQL databases. This program stores the passwords and IP addresses of the managed databases in an unencrypted file. A local attacker could use the data in this file to log into the managed databases and execute...

5.7AI score
Exploits0References1
securityvulns
securityvulns
added 2003/03/07 12:0 a.m.18 views

DBTools&#39; DBManager Information Leak Vulnerability

Centaura Technologies Security Research Lab Advisory Product Name: DBTools DBManager Professional Systems: Windows 9x/NT/2000/2003 Server Severity: Medium Remote: No Category: Information Leak Vendor URL: http://www.dbtools.com.br Advisory Author: Ignacio Vazquez Advisory URL:...

6.8AI score
Exploits0
Rows per page
Query Builder