Lucene search
MitreCVELIST:CVE-2014-9734HistoryOct 03, 2022 - 4:20 p.m.
CVE-2014-9734
2022-10-0316:20:41
mitre
www.cve.org
cve-2014-9734
wordpress
remote attackers
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a … (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
References
marketblog.envato.com/news/affected-themes/
marketblog.envato.com/news/plugin-vulnerability/
packetstormsecurity.com/files/132366/WordPress-Revslider-4.2.2-XSS-Information-Disclosure.html
www.exploit-db.com/exploits/34511
blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
blog.sucuri.net/2014/12/revslider-vulnerability-leads-to-massive-wordpress-soaksoak-compromise.html
plugins.trac.wordpress.org/browser/patch-for-revolution-slider/trunk/revsliderpatch.php
Related
nvd
nvd
CVE-2014-9734
2015-06-30 14:59:00
CVE-2015-1579
2015-02-11 19:59:06
cve
cve
CVE-2014-9734
2022-10-03 16:20:41
CVE-2015-1579
2015-02-11 19:59:06
openvas
openvas
WordPress Revslider Arbitrary File Download Vulnerability
2015-07-10 00:00:00
WordPress Slider Revolution Arbitrary File Download Vulnerability
2015-03-31 00:00:00
prion
prion
Directory traversal
2015-06-30 14:59:00
Directory traversal
2015-02-11 19:59:00
patchstack
patchstack
WordPress Slider Revolution Plugin <= 4.1.4 - Arbitrary File Download
2015-03-30 00:00:00
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2015-1579
2015-02-11 19:00:00
packetstorm
packetstorm
WordPress Elegant Themes Divi Theme Directory Traversal Nmap NSE Script
2017-04-07 00:00:00
nuclei
nuclei
WordPress Slider Revolution - Local File Disclosure
2021-11-21 11:30:25
threatpost
threatpost
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
2020-06-03 20:37:44