CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 3CVE-2014-8603 – Backup, Restore and Migrate WordPress Sites With the XCloner Plugin <= 3.1.1 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-8603
cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to execute arbitrary code via shell metacharacters in the (1) file name when creating a backup or vectors related to the (2) $_CONFIG[tarpath], (3) $exclude, (4) $_CONFIG['tarcompress'], (5) $_CONFIG['filename'], (6) $_CONFIG['exfile_tar'], (7) $_CONFIG[sqldump], (8) $_CONFIG['mysql_host'], (9) $_CONFIG['mysql_pass'], (10) $_CONFIG['mysql_user'], (11) $database_name, or (12) $sqlfile variable. cloner.functions.php en el plugin XCloner 3.1.1 para WordPress y 3.5.1 para Joomla! permite a administradores remotos ejecutar código arbitrario a través de metacaracteres de shell en (1) el nombre de fichero cuando crea una copia de seguridad o vectores relacionados con la variable (2) $_CONFIG[tarpath], (3) $exclude, (4) $_CONFIG['tarcompress'], (5) $_CONFIG['filename'], (6) $_CONFIG['exfile_tar'], (7) $_CONFIG[sqldump], (8) $_CONFIG['mysql_host'], (9) $_CONFIG['mysql_pass'], (10) $_CONFIG['mysql_user'], (11) $database_name o (12) $sqlfile. XCloner plugin version 3.1.1 for WordPress and 3.5.1 for Joomla! suffers from arbitrary command execution, MySQL password disclosure, database backups exposed, unauthenticated remote access, and various other vulnerabilities. • https://www.exploit-db.com/exploits/35212 http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1 http://www.vapid.dhs.org/advisory.php?v=110 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2014-8605 – Backup, Restore and Migrate WordPress Sites With the XCloner Plugin <= 3.1.1 - Improper Access Control to Information Disclosure
https://notcve.org/view.php?id=CVE-2014-8605
The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to a backup file in administrators/backups/. El plugin XCloner 3.1.1 para WordPress y 3.5.1 para Joomla! almacena ficheros de copias de seguridad de la base de datos con nombres previsibles bajo el root web con un control de acceso insuficiente, lo que permite a atacantes remotos obtener información sensible a través de una solicitud directa a un fichero de copias de seguridad en administrators/backups/. XCloner plugin version 3.1.1 for WordPress and 3.5.1 for Joomla! • https://www.exploit-db.com/exploits/35212 http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1 http://www.vapid.dhs.org/advisory.php?v=110 • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2014-8604 – Backup, Restore and Migrate WordPress Sites With the XCloner Plugin <= 3.1.1 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2014-8604
The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext to a text box in the configuration panel, which allows remote attackers to obtain sensitive information via unspecified vectors. El plugin XCloner 3.1.1 para WordPress y 3.5.1 para Joomla! devuelve la contraseña MySQL en texto plano al cuadro de texto en el panel de configuración, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados. XCloner plugin version 3.1.1 for WordPress and 3.5.1 for Joomla! • https://www.exploit-db.com/exploits/35212 http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1 http://www.vapid.dhs.org/advisory.php?v=110 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •