exploitDog

CVE-2014-8334

Опубликовано: 31 окт. 2014

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wp-dbmanager_project:wp-dbmanager:*:*:*:*:*:wordpress:*:*

Версия до 2.71 (включая)

EPSS

Процентиль: 89%

0.04305

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-8wwf-w8hv-8982

github

больше 3 лет назад

The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable.

EPSS

Процентиль: 89%

0.04305

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-78