CVE-2014-6059

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-6059
WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://packetstormsecurity.com/files/128137/WordPress-Advanced-Access-Manager-2.8.2-File-Write-Code-Execution.html Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/69549 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95694 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*
History

05 Jan 2024, 14:36

Type Values Removed Values Added
CPE cpe:2.3:a:advanced_access_manager_project:advanced_access_manager:*:*:*:*:*:wordpress:*:* cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*
First Time Vasyltech advanced Access Manager
Vasyltech
Information

Published : 2020-01-13 13:15

Updated : 2024-01-05 14:36

NVD link : CVE-2014-6059

Mitre link : CVE-2014-6059

CVE.ORG link : CVE-2014-6059

JSON object : View

Products Affected

vasyltech

  • advanced_access_manager
CWE
NVD-CWE-noinfo