Vulnerabilities > WP Dbmanager Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-15	CVE-2022-2354	Incorrect Authorization vulnerability in Wp-Dbmanager Project Wp-Dbmanager The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should. network low complexity wp-dbmanager-project CWE-863	7.2
2018-01-05	CVE-2014-8336	Improper Input Validation vulnerability in Wp-Dbmanager Project Wp-Dbmanager The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement. network low complexity wp-dbmanager-project CWE-20	4.0
2018-01-05	CVE-2014-8335	Credentials Management vulnerability in Wp-Dbmanager Project Wp-Dbmanager (1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process. local low complexity wp-dbmanager-project CWE-255	2.1
2014-10-31	CVE-2014-8334	OS Command Injection vulnerability in Wp-Dbmanager Project Wp-Dbmanager The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable. network low complexity wp-dbmanager-project CWE-78	6.5

Vulnerabilities > WP Dbmanager Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WP Dbmanager Project"}]}

Vulnerabilities > WP Dbmanager Project