Lucene search
HistoryJan 03, 2014 - 6:54 p.m.
CVE-2013-7240
cve-2013-7240
directory traversal
advanced dewplayer
wordpress
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
9.1 High
AI Score
Confidence
High
0.265 Low
EPSS
Percentile
96.8%
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a … (dot dot) in the dew_file parameter.
Affected configurations
Node
westerndealadvanced_dewplayerMatch1.2
wordpresswordpressMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| westerndeal:advanced_dewplayer | westerndeal advanced dewplayer | eq | 1.2 |
| wordpress:wordpress | wordpress | eq | - |
Related
wpvulndb
wpvulndb
prion
prion
Directory traversal
2014-01-03 18:54:00
nuclei
nuclei
WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal
2021-07-25 23:49:51
openvas
openvas
seebug
seebug
Advanced Dewplayer Plugin for WordPress 'download-file.php'脚本目录遍历漏洞
2014-01-02 00:00:00
cvelist
cvelist
CVE-2013-7240
2014-01-02 15:00:00
nvd
nvd
CVE-2013-7240
2014-01-03 18:54:09
patchstack
patchstack
WordPress Advanced Dewplayer Plugin - Script Directory Traversal
2013-12-30 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
9.1 High
AI Score
Confidence
High
0.265 Low
EPSS
Percentile
96.8%
Related for CVE-2013-7240