Lucene search

CVE-2013-7102

🗓️ 23 Dec 2013 23:04:55Reported by redhatType

cve🔗 web.nvd.nist.gov👁 26 Views🌐 WEB

CVE-2013-7102 Multiple unrestricted file upload vulnerabilities in OptimizePress theme before 1.61 for WordPres

Reporter	Title	Published	Views	Family All 7
Patchstack	WordPress OptimizePress Theme <= 1.60 - File Upload Vulnerability	14 Dec 201300:00	–	patchstack
Metasploit	WordPress OptimizePress Theme File Upload Vulnerability	23 Mar 201507:15	–	metasploit
NVD	CVE-2013-7102	23 Dec 201323:55	–	nvd
WPVulnDB	OptimizePress Theme < 1.6 - Unauthenticated Arbitrary File Upload	29 Nov 201300:00	–	wpvulndb
Cvelist	CVE-2013-7102	23 Dec 201323:00	–	cvelist
Prion	Unrestricted file upload	23 Dec 201323:55	–	prion
wpexploit	OptimizePress Theme < 1.6 - Unauthenticated Arbitrary File Upload	29 Nov 201300:00	–	wpexploit

Nvd

Node

optimizepress optimizepressRange≤1.60---wordpress

Source	Link
blog	www.blog.sucuri.net/2013/12/wordpress-optimizepress-theme-file-upload-vulnerability.html
help	www.help.optimizepress.com/customer/portal/articles/1381790-important-optimizepress-1-0-security-update
osirt	www.osirt.com/2013/11/wordpress-optimizepress-hack-file-upload-vulnerability/
seclists	www.seclists.org/fulldisclosure/2013/Dec/127

Parameter	Position	Path	Description	CWE
newcsimg	request body	/wp-content/themes/OptimizePress/lib/admin/media-upload.php	Unrestricted file upload vulnerability allowing remote code execution via uploading a PHP file.	CWE-20
imgpath	request body	/wp-content/themes/OptimizePress/lib/admin/media-upload.php	Unrestricted file upload vulnerability allowing remote code execution via uploading a PHP file.	CWE-20

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Dec 2013 23:55Current

8High risk

Vulners AI Score8

CVSS26.8

EPSS0.39439

CWE-20