23 matches found
EUVD-2014-8173
Malware in sbrugna...
EUVD-2014-8172
Malware in sbrugna...
EUVD-2014-8174
Malware in sbrugna...
CVE-2022-2354
The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should...
CVE-2022-2354
The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should...
Code injection
The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should...
CVE-2022-2354
The CVE-2022-2354 issue affects the WordPress WP-DBManager plugin prior to version 2.80.8 and enables administrators in multisite installations (where only super-administrators should have it) to execute arbitrary commands on the server. Multiple sources (NVD/NIST, Red Hat, CVE lists, and Nessus ...
CVE-2022-2354 WP-DBManager < 2.80.8 - Admin+ Remote Command Execution
The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should...
WordPress plugin WP-DBManager 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
WordPress WP-DBManager plugin <= 2.79.1 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability found by RIPS in WordPress WP-DBManager plugin versions = 2.79.1. Solution Update the WordPress WP-DBManager plugin to the latest available version at least 2.79.2...
Download WP-DBManager <= 2.79.1 - Arbitrary File Delete
The WP-DBManager WordPress plugin was affected by an Arbitrary File Delete security vulnerability...
Command injection
1 wp-dbmanager.php and 2 database-manage.php in the WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-8335
1 wp-dbmanager.php and 2 database-manage.php in the WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-8336
The "Sql Run Query" panel in WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOADFILE in an INSERT statement...
Design/Logic Flaw
The "Sql Run Query" panel in WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOADFILE in an INSERT statement...
CVE-2014-8336
The WP-DBManager WordPress plugin (pre-2.7.2) contains a vulnerability in the Sql Run Query panel that allows remote read of arbitrary files by exploiting insufficient query restriction, demonstrated via LOAD_FILE in an INSERT statement. Affected product: WP-DBManager plugin for WordPress. Impact...
CVE-2014-8336
The "Sql Run Query" panel in WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOADFILE in an INSERT statement...
CVE-2014-8335
The CVE-2014-8335 entry relates to the WP-DBManager (aka Database Manager) WordPress plugin, affected in versions prior to 2.7.2. The vulnerability affects the files wp-dbmanager.php and database-manage.php, where credentials are placed on the mysqldump command line, enabling local users to obtai...
CVE-2014-8335
1 wp-dbmanager.php and 2 database-manage.php in the WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-8334
The WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 $backup'filepath' aka "Path to Backup:" field or 2 $backup'mysqldumppath' variable...