← Back

CVE-2014-8335

nvd nist
Published: Jan 5, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

(1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

Affected (1)

Wp Dbmanager Project
1 product
Wp Dbmanager
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Wp Dbmanager
Up to 2.7.1

Related CWEs

CWE-255
CWE-255

References (12)

Source: cve@mitre.org
ExploitIssue TrackingThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
VDB Entry
Source: cve@mitre.org
Issue TrackingPatchThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.