10 matches found
WordPress cysteme-finder plugin code issue vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress cysteme-finder plugin prior to version 1.4, which stems fro...
CVE-2016-10955
The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking...
CVE-2016-10955
The CVE-2016-10955 affects the WordPress plugin cysteme-finder (before version 1.4). The root cause is incorrect session tracking that allows unrestricted file upload, enabling an attacker to upload, view, or delete files on the server. Red Hat and CNVD entries confirm the same description, and W...
WordPress CYSTEME Finder plugin arbitrary file disclosure+upload vulnerability
No description provided by source...
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload
Exploit Title: WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload Link: https://wordpress.org/plugins/cysteme-finder/ Version: 1.3 Date: August 23rd 2016 Exploit Author: T0w3ntum Author Website: t0w3ntum.com SUMMARY CYSTEME Finder is an admin file manager plugin...
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File DisclosureArbitrary File Upload
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File DisclosureArbitrary File Upload Exploit Title: WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload Link: https://wordpress.org/plugins/cysteme-finder/ Version: 1.3 Date: August 23rd 2016 Exploit Author: T0w3ntu...
WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Upload
Arbitrary File Upload vulnerability was found in WordPress CYSTEME Finder Plugin 1.3. It allows remote attackers to upload aribitary files to the target server. This vulnerability exists in http://targetserver/wp-content/plugins/cysteme-finder/php/connector.php file. Solution Update CYSTEME Finde...
CYSTEME Finder <= 1.3 - Unauthenticated LFI and Unauthenticated File Upload
CYSTEME does not properly check SESSION Cookies allowing a remote attacker to upload, view, or delete files from any location on the remote file system. - Retrieve all data in the root wordpress directory. This will return JSON. Exploit:...
CYSTEME Finder <= 1.3 - Unauthenticated LFI and Unauthenticated File Upload
CYSTEME does not properly check SESSION Cookies allowing a remote attacker to upload, view, or delete files from any location on the remote file system. PoC - Retrieve all data in the root wordpress directory. This will return JSON. Exploit:...
WordPress CYSTEME Finder 1.3 Plugin - Arbitrary File Disclosure/Arbitrary File Upload
Exploit for php platform in category web applications Exploit Title: WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload Link: https://wordpress.org/plugins/cysteme-finder/ Version: 1.3 Date: August 23rd 2016 Exploit Author: T0w3ntum Author Website: t0w3ntum.com...