cleantalk
Vulnerabilities and Security Researches

WP-DBManager, CVE-2014-8336

CVE, Research URL

CVE-2014-8336

Home page URL

Security reports for WP-DBManager

Application

WP-DBManager

Published on
Jan 05, 2018
Research Description
The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement.
Affected versions
max 2.7.2.
Status
vulnerable
Previous vulnerability researches
WP-DBManager (2817b75f-d75e-4166-83dc-29ffb5deecf7) , Jun 16, 2026
WP-DBManager (44b95778d7a39eea2c36ce9d9c2a2f7ca7cda057) , Jun 16, 2026
WP-DBManager (c4f629e11b2b4b566dd4cd877a7235b5f19b5953) , Jun 16, 2026
WP-DBManager (CVE-2014-8336) , Jun 07, 2024
WP-DBManager (CVE-2014-8334) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar – Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026