Vulnerabilities > Creative Minds > CM Download Manager > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-05 | CVE-2014-8877 | Code Injection vulnerability in Creative Minds CM Download Manager 2.0.0/2.0.1/2.0.2 The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function. | 10.0 |