CVE-2021-25069 – WordPress Download Manager < 3.2.34 - Authenticated SQL Injection to Reflected XSS
https://notcve.org/view.php?id=CVE-2021-25069
The Download Manager WordPress plugin before 3.2.34 does not sanitise and escape the package_ids parameter before using it in a SQL statement, leading to a SQL injection, which can also be exploited to cause a Reflected Cross-Site Scripting issue El plugin Download Manager de WordPress versiones anteriores a 3.2.34, no sanea ni escapa el parámetro package_ids antes de usarlo en una sentencia SQL, conllevando a una inyección SQL, que también puede ser explotada para causar un problema de tipo Cross-Site Scripting Reflejado • https://plugins.trac.wordpress.org/changeset/2656086 https://wpscan.com/vulnerability/4ff5e638-1b89-41df-b65a-f821de8934e8 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2014-9260 – WordPress Download Manager <= 2.7.2 - Authenticated Arbitrary Options Update
https://notcve.org/view.php?id=CVE-2014-9260
The basic_settings function in the download manager plugin for WordPress before 2.7.3 allows remote authenticated users to update every WordPress option. La función basic_settings en el plugin de administración de descargas para WordPress en versiones anteriores a la 2.7.3 permite que atacantes remotos autenticados actualicen todas las opciones de WordPress. WordPress Download Manager plugin version 2.7.2 suffers from a privilege escalation vulnerability. • https://www.exploit-db.com/exploits/36301 http://packetstormsecurity.com/files/130690/WordPress-Download-Manager-2.7.2-Privilege-Escalation.html • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVE-2009-2582
https://notcve.org/view.php?id=CVE-2009-2582
Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and CVE-2007-1892. Desbordamiento de búfer basado en pila en manager.exe en Akamai Download Manager(también conocido como DLM or dlmanager) anterior a v2.2.4.8, permite a servidores web remotos ejecutar código de su elección mediante una respuesta HTTP mal formada durante la descarga de un "Redswoosh". Vulnerabilidad distinta de CVE-2007-1891 y CVE-2007-1892. • http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0351.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=813 http://secunia.com/advisories/35951 http://www.akamai.com/html/support/security.html http://www.securityfocus.com/archive/1/505187/100/0/threaded http://www.securityfocus.com/bid/35778 http://www.securitytracker.com/id?1022592 http://www.vupen.com/english/advisories/2009/1985 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1770 – Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download
https://notcve.org/view.php?id=CVE-2008-1770
CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line. Vulnerabilidad de inyección CRLF en el control ActiveX Akamai Download Manager anteriores a la 2.2.3.6, permite a atacantes remotos forzar la descarga y ejecución de archivos arbitrariamente a través de un parámetro URL que contiene un LF codificado seguido de una línea de destino maliciosa. • https://www.exploit-db.com/exploits/5741 http://lists.grok.org.uk/pipermail/full-disclosure/2008-June/062672.html http://secunia.com/advisories/30537 http://www.securityfocus.com/archive/1/493077/100/0/threaded http://www.securityfocus.com/archive/1/493142/100/0/threaded http://www.securitytracker.com/id?1020194 http://www.vupen.com/english/advisories/2008/1746/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42879 • CWE-94: Improper Control of Generation of Code ('Code Injection') •