Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
patchstackRandom RobbiePATCHSTACK:B4E34A0AC9D9B1AD1D8DA3C414B14F58
HistoryApr 02, 2020 - 12:00 a.m.

WordPress Art-Picture-Gallery plugin <= 1.2.9 - Unauthenticated Arbitrary File Upload vulnerability

2020-04-0200:00:00
Random Robbie
patchstack.com
19

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Unauthenticated Arbitrary File Upload vulnerability discovered by Random Robbie in WordPress Art-Picture-Gallery plugin (versions <= 1.2.9).

Solution

           Plugin closed. Deactivate and delete.
CPENameOperatorVersion
art-picture-galleryle1.2.9

Related

packetstorm 2
github 1
wpvulndb 2
wpexploit 2
nessus 3
checkpoint_advisories 1
prion 1
dsquare 1
zdt 1
veracode 1
metasploit 1
kitploit 2
osv 2
threatpost 1
exploitpack 2
ubuntucve 1
canvas 1
cve 1
debiancve 1
openvas 2
exploitdb 3
impervablog 1
oracle 1
packetstorm
packetstorm
Blueimp jQuery File Upload 9.22.0 Arbitrary File Upload
2019-01-17 00:00:00
blueimp jQuery Arbitrary File Upload
2018-11-05 00:00:00
github
github
Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
2018-10-22 18:53:56
wpvulndb
wpvulndb
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
2020-04-02 00:00:00
Tajer - Unauthenticated Arbitrary File Upload
2018-10-15 00:00:00
wpexploit
wpexploit
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
2020-04-02 00:00:00
Tajer - Unauthenticated Arbitrary File Upload
2018-10-15 00:00:00
nessus
nessus
jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check)
2018-10-22 00:00:00
Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)
2023-11-30 00:00:00
Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)
2019-01-18 00:00:00
checkpoint_advisories
checkpoint_advisories
Blueimp jQuery File Upload Remote Code Execution (CVE-2018-9206)
2018-11-01 00:00:00
prion
prion
Design/Logic Flaw
2018-10-11 15:29:00
dsquare
dsquare
jQuery File Upload
2018-10-18 00:00:00
zdt
zdt
blueimp jQuery Arbitrary File Upload Exploit
2018-11-05 00:00:00
veracode
veracode
Arbitrary File Upload
2018-10-12 02:43:31
metasploit
metasploit
blueimp's jQuery (Arbitrary) File Upload
2018-10-23 04:35:42
kitploit
kitploit
JQShell - A Weaponized Version Of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0)
2018-10-29 20:39:00
Darksplitz - Exploit Framework
2019-04-04 21:12:00
osv
osv
Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
2018-10-22 18:53:56
CVE-2018-9206
2018-10-11 15:29:00
threatpost
threatpost
Thousands of Applications Vulnerable to RCE via jQuery File Upload
2018-10-23 12:31:06
exploitpack
exploitpack
Blueimps jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16 00:00:00
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11 00:00:00
ubuntucve
ubuntucve
CVE-2018-9206
2018-10-11 00:00:00
canvas
canvas
Immunity Canvas: JQUERY_FILE_UPLOAD
2018-10-11 15:29:00
cve
cve
CVE-2018-9206
2018-10-11 15:29:00
debiancve
debiancve
CVE-2018-9206
2018-10-11 15:29:00
openvas
openvas
Blueimp jQuery-File-Upload < 9.24.1 File Upload Vulnerability - Active Check
2018-11-02 00:00:00
Tenable Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)
2023-11-30 00:00:00
exploitdb
exploitdb
Blueimp&#039;s jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16 00:00:00
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11 00:00:00
blueimp&#039;s jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
2018-11-06 00:00:00
impervablog
impervablog
CrimeOps of the KashmirBlack Botnet – Part II
2020-10-22 18:55:05
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for PATCHSTACK:B4E34A0AC9D9B1AD1D8DA3C414B14F58
packetstorm2github1wpvulndb2wpexploit2nessus3checkpoint_advisories1prion1dsquare1zdt1veracode1metasploit1kitploit2osv2threatpost1exploitpack2ubuntucve1canvas1cve1debiancve1openvas2exploitdb3impervablog1oracle1