Lucene search

[email protected]CVE-2015-9228

HistorySep 12, 2017 - 8:29 a.m.

CVE-2015-9228

2017-09-1208:29:00

CWE-434

[email protected]

web.nvd.nist.gov

cve-2015-9228

photocrati nextgen gallery

wordpress

file upload

security vulnerability

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.2%

JSON

In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.

Affected configurations

NVD

Node

imagelynextgen_galleryMatch1.5.0wordpress

imagelynextgen_galleryMatch1.5.1wordpress

imagelynextgen_galleryMatch1.5.2wordpress

imagelynextgen_galleryMatch1.5.3wordpress

imagelynextgen_galleryMatch1.5.4wordpress

imagelynextgen_galleryMatch1.5.5wordpress

imagelynextgen_galleryMatch1.6.0wordpress

imagelynextgen_galleryMatch1.6.1wordpress

imagelynextgen_galleryMatch1.6.2wordpress

imagelynextgen_galleryMatch1.7.0wordpress

imagelynextgen_galleryMatch1.7.1wordpress

imagelynextgen_galleryMatch1.7.2wordpress

imagelynextgen_galleryMatch1.7.3wordpress

imagelynextgen_galleryMatch1.7.4wordpress

imagelynextgen_galleryMatch1.8.0wordpress

imagelynextgen_galleryMatch1.8.1wordpress

imagelynextgen_galleryMatch1.8.2wordpress

imagelynextgen_galleryMatch1.8.3wordpress

imagelynextgen_galleryMatch1.8.4wordpress

imagelynextgen_galleryMatch1.9.0wordpress

imagelynextgen_galleryMatch1.9.1wordpress

imagelynextgen_galleryMatch1.9.2wordpress

imagelynextgen_galleryMatch1.9.3wordpress

imagelynextgen_galleryMatch1.9.5wordpress

imagelynextgen_galleryMatch1.9.6wordpress

imagelynextgen_galleryMatch1.9.7wordpress

imagelynextgen_galleryMatch1.9.8wordpress

imagelynextgen_galleryMatch1.9.10wordpress

imagelynextgen_galleryMatch1.9.11wordpress

imagelynextgen_galleryMatch1.9.12wordpress

imagelynextgen_galleryMatch1.9.13wordpress

imagelynextgen_galleryMatch2.0wordpress

imagelynextgen_galleryMatch2.0.7wordpress

imagelynextgen_galleryMatch2.0.11wordpress

imagelynextgen_galleryMatch2.0.14wordpress

imagelynextgen_galleryMatch2.0.17wordpress

imagelynextgen_galleryMatch2.0.21wordpress

imagelynextgen_galleryMatch2.0.23wordpress

imagelynextgen_galleryMatch2.0.25wordpress

imagelynextgen_galleryMatch2.0.27wordpress

imagelynextgen_galleryMatch2.0.30wordpress

imagelynextgen_galleryMatch2.0.31wordpress

imagelynextgen_galleryMatch2.0.33wordpress

imagelynextgen_galleryMatch2.0.40wordpress

imagelynextgen_galleryMatch2.0.57wordpress

imagelynextgen_galleryMatch2.0.58wordpress

imagelynextgen_galleryMatch2.0.59wordpress

imagelynextgen_galleryMatch2.0.61wordpress

imagelynextgen_galleryMatch2.0.63wordpress

imagelynextgen_galleryMatch2.0.65wordpress

imagelynextgen_galleryMatch2.0.66wordpress

imagelynextgen_galleryMatch2.0.66.16wordpress

imagelynextgen_galleryMatch2.0.66.17wordpress

imagelynextgen_galleryMatch2.0.66.26wordpress

imagelynextgen_galleryMatch2.0.66.27wordpress

imagelynextgen_galleryMatch2.0.66.29wordpress

imagelynextgen_galleryMatch2.0.66.31wordpress

imagelynextgen_galleryMatch2.0.66.33wordpress

imagelynextgen_galleryMatch2.0.71wordpress

imagelynextgen_galleryMatch2.0.74wordpress

imagelynextgen_galleryMatch2.0.76wordpress

imagelynextgen_galleryMatch2.0.77wordpress

imagelynextgen_galleryMatch2.0.78wordpress

imagelynextgen_galleryMatch2.0.78.1wordpress

imagelynextgen_galleryMatch2.0.79wordpress

imagelynextgen_galleryMatch2.1.0wordpress

imagelynextgen_galleryMatch2.1.2wordpress

imagelynextgen_galleryMatch2.1.7wordpress

imagelynextgen_galleryMatch2.1.9wordpress

imagelynextgen_galleryMatch2.1.10wordpress

CPENameOperatorVersion
imagely:nextgen_galleryimagely nextgen galleryeq1.5.0
imagely:nextgen_galleryimagely nextgen galleryeq1.5.1
imagely:nextgen_galleryimagely nextgen galleryeq1.5.2
imagely:nextgen_galleryimagely nextgen galleryeq1.5.3
imagely:nextgen_galleryimagely nextgen galleryeq1.5.4
imagely:nextgen_galleryimagely nextgen galleryeq1.5.5
imagely:nextgen_galleryimagely nextgen galleryeq1.6.0
imagely:nextgen_galleryimagely nextgen galleryeq1.6.1
imagely:nextgen_galleryimagely nextgen galleryeq1.6.2
imagely:nextgen_galleryimagely nextgen galleryeq1.7.0

CPE	Name	Operator	Version
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.5.0
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.5.1
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.5.2
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.5.3
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.5.4
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.5.5
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.6.0
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.6.1
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.6.2
imagely:nextgen_gallery	imagely nextgen gallery	eq	1.7.0

Rows per page:

1-10 of 701

References

www.openwall.com/lists/oss-security/2015/10/27/6

cybersecurityworks.com/zerodays/cve-2015-9228-crony.html

github.com/cybersecurityworks/Disclosed/issues/6

packetstormsecurity.com/files/135061/WordPress-NextGEN-Gallery-2.1.10-Shell-Upload.html

wordpress.org/plugins/nextgen-gallery/#developers

wpvulndb.com/vulnerabilities/9758

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for CVE-2015-9228

openvas1 cvelist1 wpvulndb1 nvd1 prion1