CVE-2014-8336

The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wp-dbmanager_project:wp-dbmanager:*:*:*:*:*:wordpress:*:*

Information

Published : 2018-01-05 08:29

Updated : 2018-01-18 14:16


NVD link : CVE-2014-8336

Mitre link : CVE-2014-8336


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

wp-dbmanager_project

  • wp-dbmanager