6 matches found
CVE-2019-16902
In the ARforms plugin 3.7.1 for WordPress, arfdeletefile in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname...
WordPress Arforms 3.7.1 - Directory Traversal
WordPress Arforms 3.7.1 - Directory Traversal Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link:...
WordPress Arforms 3.7.1 Directory Traversal
Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link: https://www.arformsplugin.com/documentation/changelog/ Version: 3.7.1 CVE ID...
WordPress Plugin Arforms 3.7.1 - Directory Traversal
Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link: https://www.arformsplugin.com/documentation/changelog/ Version: 3.7.1 CVE ID...
CVE-2019-16902
In the ARforms plugin 3.7.1 for WordPress, arfdeletefile in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname...
CVE-2019-16902
CVE-2019-16902 – ARforms WordPress plugin : The ARforms plugin 3.7.1 is vulnerable due to arf_delete_file in arformcontroller.php, which allows an unauthenticated attacker to delete arbitrary files by supplying the full pathname. This impacts WordPress installations using ARforms 3.7.1. Public ex...