10 matches found
CVE-2015-10136
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2015-10136
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2015-10136 GI-Media Library < 3.0 - Directory Traversal
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2015-10136 GI-Media Library < 3.0 - Directory Traversal
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2015-10136
The CVE-2015-10136 issue affects the GI-Media Library plugin for WordPress (pre-3.0). The vulnerability is a Directory Traversal via the fileid parameter, allowing unauthenticated attackers to read arbitrary server files. Impact is described as high (CVSSv3.1: 7.5, NETWORK/low complexity, no user...
PT-2025-30128
Name of the Vulnerable Software and Affected Versions GI-Media Library plugin for WordPress versions prior to 3.0 Description The GI-Media Library plugin for WordPress is susceptible to Directory Traversal via the fileid parameter. This allows unauthenticated attackers to read arbitrary files on...
WordPress plugin GI-Media Library 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
WordPress GI-Media Library Plugin Directory Traversal Vulnerability
This module exploits a directory traversal vulnerability in WordPress Plugin GI-Media Library version 2.2.2, allowing to read arbitrary files from the system with the web server privileges. This module has been tested successfully on GI-Media Library version 2.2.2 with WordPress 4.1.3 on Ubuntu...
GI-Media Library <= 2.2.2 - Arbitrary File Download
The gi-media-library WordPress plugin was affected by an Arbitrary File Download security vulnerability. /wp-content/plugins/gi-media-library/download.php?fileid=Li4vLi4vLi4vd3AtY29uZmlnLnBocA== Where "Li4vLi4vLi4vd3AtY29uZmlnLnBocA==" is "../../../wp-config.php" Base64 encoded...
WordPress GI-Media Library Plugin <= 2.2.2 - Arbitrary File Download
This plugin is prone to an arbitrary file download vulnerability. Solution Update the plugin...