Lucene search
K

4 matches found

NVD
NVD
added 2012/10/08 5:55 p.m.15 views

CVE-2012-5318

Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the directory specified...

6.8CVSS7.7AI score0.06536EPSS
Exploits0References2
Prion
Prion
added 2012/10/08 5:55 p.m.13 views

Unrestricted file upload

Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the directory specified...

6.8CVSS8.3AI score0.11571EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2012/10/08 5:0 p.m.56 views

CVE-2012-5318

The CVE-2012-5318 entry is confirmed with concrete details: it affects the Kish Guest Posting WordPress plugin (version 1.2) via an Unrestricted file upload in uploadify/scripts/uploadify.php. The vulnerability allows remote attackers to execute arbitrary code by uploading a file with a double ex...

6.8CVSS7.9AI score0.06536EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/10/08 5:0 p.m.45 views

CVE-2012-1125

The Kish Guest Posting WordPress plugin vulnerability CVE-2012-1125 affects plugin versions prior to 1.2, where an unrestricted/arbitrary file upload occurs via uploadify.php. An attacker can upload a PHP-file and access it through the directory path specified by the folder parameter, enabling re...

6.8CVSS8AI score0.11571EPSS
Exploits1References11Affected Software1
Rows per page
Query Builder