Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2015/02/24 12:0 a.m.42 views

WordPress Holding Pattern Theme Arbitrary File Upload

This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'socket' class Metasploit3 'WordPress Holding Pattern Theme Arbitrary File Upload', 'Description' = %q This module exploits a file upload...

7.5CVSS0.3AI score0.59254EPSS
Exploits6
Metasploit
Metasploit
added 2015/02/14 12:54 p.m.25 views

WordPress Holding Pattern Theme Arbitrary File Upload

This module exploits a file upload vulnerability in all versions of the Holding Pattern theme found in the uploadfile.php script which contains no session or file validation. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web...

7.5CVSS7.5AI score0.59254EPSS
Exploits6
CVE
CVE
added 2015/02/11 7:0 p.m.83 views

CVE-2015-1172

The CVE-2015-1172 entry describes an Unrestricted File Upload vulnerability in WordPress Holding Pattern Theme (Holding Pattern) 0.6 and earlier, due to a faulty admin/upload-file.php that permits uploading PHP files without validation. A remote attacker can upload a PHP payload and trigger arbit...

7.5CVSS7.7AI score0.59254EPSS
Exploits6References3Affected Software1
Circl
Circl
added 2015/02/11 12:0 a.m.45 views

CVE-2015-1172

creationtimestamp| type| source ---|---|--- 2015-02-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41698 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wpholdingpatternfileupload.rb 2025-02-06...

7.5CVSS5.5AI score0.59254EPSS
Exploits6References2
Rows per page
Query Builder