[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-4942Date: (C)2014-07-15   (M)2023-12-22


The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
http://codevigilant.com/disclosure/wp-plugin-wp-easycart-information-disclosure/
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=829290%40wp-easycart&old=827627%40wp-easycart&sfp_email=&sfph_mail=

CPE    4
cpe:/a:levelfourdevelopment:wp-easycart:2.0.4::~~~wordpress~~
cpe:/a:levelfourdevelopment:wp-easycart:2.0.2::~~~wordpress~~
cpe:/a:levelfourdevelopment:wp-easycart:2.0.1::~~~wordpress~~
cpe:/a:levelfourdevelopment:wp-easycart:2.0.3::~~~wordpress~~
...
CWE    1
CWE-200

© SecPod Technologies