Lucene search

MitreCVE-2016-1000112

HistoryOct 06, 2016 - 2:59 p.m.

CVE-2016-1000112

2016-10-0614:59:18

CWE-22

mitre

web.nvd.nist.gov

cve-2016-1000112

unauthenticated upload

remote upload

contus-video-comments v1.0

wordpress plugin

nvd

CVSS2

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.2

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin

Affected configurations

Nvd

Node

contussupportcontus-video-commentsMatch1.0wordpress

VendorProductVersionCPE
contussupportcontus-video-comments1.0cpe:2.3:a:contussupport:contus-video-comments:1.0:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
contussupport	contus-video-comments	1.0	cpe:2.3:a:contussupport:contus-video-comments:1.0:::::wordpress::

References

www.securityfocus.com/bid/93967

www.vapidlabs.com/advisory.php?v=163

CVSS2

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.2

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

Related for CVE-2016-1000112