CVE-2014-8607

Sažetak

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and password on the command line, which allows local users to obtain sensitive information via the ps command.

Reference

http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/
http://www.vapid.dhs.org/advisory.php?v=110

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-06-2015 - 17:53

Objavljeno

10-06-2015 - 18:59