9 matches found
EUVD-2016-8037
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-7169
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file- upload-upgrader.php in the upgrade package uploader in...
Directory Traversal
WordPress is vulenrable to directory traversal. The library does not sanitize the urlholder parameter in the FileUploadUpgrader class, allowing a malicious user to access arbitrary files by passing a string to the application...
CVE-2016-7169
Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...
CVE-2016-7169
Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...
CVE-2016-7169
Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...
UBUNTU-CVE-2016-7169
Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...
CVE-2016-7169
Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...
CVE-2016-7169
Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...