Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:346175
HistoryNov 16, 2016 - 12:00 a.m.

Imagely NextGen Gallery plugin for Wordpress contains a local file inclusion vulnerability

2016-11-1600:00:00
www.kb.cert.org
30

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

51.8%

JSON

Overview

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file.

Description

CWE-98**: Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) -**CVE-2016-6565

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration).

Impact

An authenticated user may be able to read arbitrary files on the server or execute code on the server by including a malicious local file in a formatted server request.

Solution

Apply an update

Imagely has released the NextGen Gallery plugin version 2.1.57 to address this issue. Affected users are encouraged to upgrade to version 2.1.57 or later as soon as possible.

Vendor Information

346175

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Imagely __ Affected

Notified: October 12, 2016 Updated: November 14, 2016

Statement Date: October 26, 2016

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The patch for this issue was included with version 2.1.57.

CVSS Metrics

Group Score Vector
Base 9 AV:N/AC:L/Au:S/C:C/I:C/A:C
Temporal 7 E:POC/RL:OF/RC:C
Environmental 5.3 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Mukhammad Khalilov for reporting this vulnerability.

This document was written by Garret Wassermann.

Other Information

CVE IDs: CVE-2016-6565
Date Public: 2016-11-15 Date First Published:

Related

prion 1
nvd 1
cve 1
cvelist 1
openvas 1
wpvulndb 1
prion
prion
Code injection
2018-07-13 20:29:00
nvd
nvd
CVE-2016-6565
2018-07-13 20:29:01
cve
cve
CVE-2016-6565
2018-07-13 20:29:01
cvelist
cvelist
CVE-2016-6565 The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file
2018-07-13 20:00:00
openvas
openvas
WordPress NextGEN Gallery Plugin < 2.1.57 Multiple Vulnerabilities
2018-07-16 00:00:00
wpvulndb
wpvulndb
NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion (LFI) & SQLi
2016-11-15 00:00:00

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

51.8%

JSON
Related for VU:346175
prion1nvd1cve1cvelist1openvas1wpvulndb1