Vulners
Lucene search
PHPMemcachedAdmin 1.2.2 Remote Code Execution Vulnerability
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | The vulnerability in the PHPMemcachedAdmin web interface exists due to errors in the mechanism for recovering serialized data. This allows attackers to escalate their privileges and execute arbitrary PHP code. | 23 Nov 201700:00 | – | bdu_fstec |
 | CVE-2014-8731 | 23 Mar 201717:00 | – | cve |
 | CVE-2014-8731 | 23 Mar 201717:00 | – | cvelist |
 | CVE-2014-8731 | 23 Mar 201717:59 | – | nvd |
 | Code injection | 23 Mar 201717:59 | – | prion |
 | CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 | 1 Dec 201400:00 | – | securityvulns |
| Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | 1 Dec 201400:00 | – | securityvulns |
CVE-2014-8731
CVSSv2 Vector:
[AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:U/RC:C]
CVSSv2 Base Score=10.0
CVSSv2 Temp Score=9.5
OWASP Top 10 classification: A1 - Injection
PHPMemcachedAdmin is a web-based frontend for Linux's memcached Daemon.
Project Homepage:
https://code.google.com/p/phpmemcacheadmin/
Download Site:
http://blog.elijaa.org/index.php?pages/phpMemcachedAdmin-Download
PHPMemcachedAdmin stores data in the server's filesystem.
Part of the serialized data and the last part of the concatenated filename may be specified by the user, which can lead to remote code execution e.g. if a php script is created and placed within the webserver's document root.
All versions prior and including the current version 1.2.2 are affected as far as we know.
# 0day.today [2018-03-05] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
13 Nov 2014 00:00Current
9.7High risk
Vulners AI Score9.7
EPSS0.4714