WordPress Clockstone Theme <= 1.2 - Arbitrary File Upload

This theme is prone to an arbitrary file upload vulnerability via "upload.php". It allows an attacker to upload arbitrary files to the affected computer. Solution Update the theme...

Clockstone <= 1.2 - Arbitrary File Upload

The clockstone WordPress theme was affected by an upload.php Arbitrary File Upload security vulnerability...

Clockstone and other CMSMasters Theme File Upload Vulnerabilities

No description provided by source. Exploit Title: Clockstone and Various other CMSMasters Theme File Upload Vulnerabilities Google Dork: wp-content/themes/clockstone Date: 12/18/2012 Exploit Author: DigiP Vendor Homepage: http://cmsmasters.net/ Software Link:...

WordPress 多个CMSMasters主题'upload.php'任意文件上传漏洞

BUGTRAQ ID: 56988 Clockstone是Wordpress的终极主题，一个单一的主题内集合了众多功能。 WordPress的Clockstone主题和其他主题存在文件上传漏洞。存在该漏洞的原因是由于问题代码对已登录的用户没有进行身份验证操作。攻击者可通过上传任意文件到受害者站点，进而获取站点的访问权限。 主题内有漏洞的代码： ?php if $POST'url' $uploaddir = $POST'url'; $firstfilename = $FILES'uploadfile''name'; $filename = md5$firstfilename; $ext =...

WordPress Clockstone Theme Arbitrary File Upload Vulnerability

The Clockstone Theme for WordPress is prone to an arbitrary file- upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload

Exploit Title: Clockstone and Various other CMSMasters Theme File Upload Vulnerabilities Google Dork: "wp-content/themes/clockstone" Date: 12/18/2012 Exploit Author: DigiP Vendor Homepage: http://cmsmasters.net/ Software Link: http://themeforest.net/item/clockstone-ultimate-wordpress-theme/306607...