Vulnerabilities

CVE-2014-8336

by Fred · 05/01/2018

The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement.

Date published : 2018-01-05

https://github.com/lesterchan/wp-dbmanager/commit/7037fa8f61644098044379190d1d4bf1883b8e4a

WP-DBManager

Similar

Tags: Cybersecurity Alert