Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | CVE-2018-19040 | 31 Jan 201919:00 | – | cvelist |
 | CVE-2018-19040 | 31 Jan 201919:29 | – | nvd |
 | WordPress Media File Manager Plugin < 1.4.4 Multiple Vulnerabilities | 6 Mar 201900:00 | – | openvas |
 | CVE-2018-19040 | 31 Jan 201919:29 | – | osv |
 | Directory traversal | 31 Jan 201919:29 | – | prion |
 | Media File Manager <= 1.4.2 - Authenticated Multiple Vulnerabilities | 5 Nov 201800:00 | – | wpexploit |
 | Media File Manager <= 1.4.2 - Authenticated Multiple Vulnerabilities | 5 Nov 201800:00 | – | wpvulndb |
Node
| Source | Link |
|---|---|
| exploit-db | www.exploit-db.com/exploits/45809/ |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | request body | wordpress/wp-admin/admin-ajax.php | Directory traversal via dir parameter in mrelocator_getdir to admin-ajax.php | CWE-22 |
| dir | request body | wordpress/wp-admin/admin-ajax.php | Directory traversal via dir parameter in mrelocator_getdir to admin-ajax.php | CWE-22 |
| action | request body | wordpress/wp-admin/admin-ajax.php | Reflected XSS context using dir parameter in mrelocator_getdir (example payload [XSS]) | CWE-22 |
| dir | request body | wordpress/wp-admin/admin-ajax.php | Reflected XSS context using dir parameter in mrelocator_getdir (example payload [XSS]) | CWE-22 |
| action | request body | wordpress/wp-admin/admin-ajax.php | Move any file via dir_from/dir_to in mrelocator_move with dir traversal | CWE-22 |
| dir_from | request body | wordpress/wp-admin/admin-ajax.php | Move any file via dir_from/dir_to in mrelocator_move with dir traversal | CWE-22 |
| dir_to | request body | wordpress/wp-admin/admin-ajax.php | Move any file via dir_from/dir_to in mrelocator_move with dir traversal | CWE-22 |
| items | request body | wordpress/wp-admin/admin-ajax.php | Move any file via dir_from/dir_to in mrelocator_move with dir traversal | CWE-22 |
| action | request body | wordpress/wp-admin/admin-ajax.php | Rename file via dir parameter and from/to in mrelocator_rename with directory traversal | CWE-22 |
| dir | request body | wordpress/wp-admin/admin-ajax.php | Rename file via dir parameter and from/to in mrelocator_rename with directory traversal | CWE-22 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Nov 2024 03:57Current
5.5Medium risk
Vulners AI Score5.5
CVSS 25
CVSS 35.3
EPSS0.10254