CVE-2014-8336
05.01.2018, 16:29
The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement.Enginsight
| Vendor | Product | Version |
|---|---|---|
| wp-dbmanager_project | wp-dbmanager | 𝑥 ≤ 2.7.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References