3 matches found
CVE-2015-4414
Directory traversal vulnerability in downloadaudio.php in the SE HTML5 Album Audio Player se-html5-album-audio-player plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2015-4414
Directory traversal vulnerability in downloadaudio.php in the SE HTML5 Album Audio Player se-html5-album-audio-player plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2015-4414
The CVE-2015-4414 issue affects WordPress SE HTML5 Album Audio Player plugin versions up to 1.1.0. A directory traversal vulnerability exists in download_audio.php, allowing remote, unauthenticated attackers to read arbitrary server files by crafting a .. path in the file parameter. Root cause: i...