4 matches found
CVE-2012-5318
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the directory specified...
Unrestricted file upload
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the directory specified...
CVE-2012-5318
The CVE-2012-5318 entry is confirmed with concrete details: it affects the Kish Guest Posting WordPress plugin (version 1.2) via an Unrestricted file upload in uploadify/scripts/uploadify.php. The vulnerability allows remote attackers to execute arbitrary code by uploading a file with a double ex...
CVE-2012-1125
The Kish Guest Posting WordPress plugin vulnerability CVE-2012-1125 affects plugin versions prior to 1.2, where an unrestricted/arbitrary file upload occurs via uploadify.php. An attacker can upload a PHP-file and access it through the directory path specified by the folder parameter, enabling re...