The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and password on the command line, which allows local users to obtain sensitive information via the ps command.
References
Link | Resource |
---|---|
http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/ | Exploit |
http://www.vapid.dhs.org/advisory.php?v=110 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-06-10T18:00:00
Updated: 2015-06-10T17:57:00
Reserved: 2014-11-04T00:00:00
Link: CVE-2014-8607
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-06-10T18:59:04.753
Modified: 2015-06-11T17:53:06.120
Link: CVE-2014-8607
JSON object: View
Redhat Information
No data.
CWE