CVE Vulnerabilities

CVE-2014-8335

Published: Jan 05, 2018 | Modified: Jan 19, 2018
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

(1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

Affected Software

Name Vendor Start Version End Version
Wp-dbmanager Wp-dbmanager_project * 2.7.1 (including)

References