EUVD-2011-3934

Malware in sbrugna...

AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload

No description provided by source. Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: 1.1.9 Date: 2012-01-19 Author: 6Scan http://6scan.com security team Software Link: http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/ Official fix: This advisory ...

Unrestricted file upload

Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory...

Remote file inclusion

PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

CVE-2011-3981

CVE-2011-3981 affects WordPress AllWebMenus Plugin 1.1.3. The AllWebMenus plugin is vulnerable to a PHP remote file inclusion via the abspath parameter in actions.php, due to insufficient input sanitization, allowing attempted arbitrary PHP code execution. This aligns with multiple sources (NVD/N...

Wordpress AllWebMenus Plugin 1.1.3 Remote File Inclusion

Exploit for php platform in category web applications Exploit Title: Allwebmenus Wordpress Menu Plugin Wordpress plugin RFI Google Dork: inurl:wp-content/plugins/allwebmenus-wordpress-menu-plugin Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing Software Link...