Lucene search
K

7 matches found

CNVD
CNVD
added 2016/10/20 12:0 a.m.2 views

Wordpress simple-image-manipulator plugin remote file download vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. simple-image-manipulator is one of the image manipulator plugin. A remote file download vulnerability exists in Wordpress simple-image-manipulator plugin v1.0, which can be exploited by...

7.5CVSS7AI score0.07038EPSS
Exploits2References1
Prion
Prion
added 2016/10/06 2:59 p.m.12 views

Remote file inclusion

Remote file download in simple-image-manipulator v1.0 wordpress plugin...

5CVSS7.2AI score0.07038EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2016/10/06 2:0 p.m.25 views

CVE-2015-1000010

Remote file download in simple-image-manipulator v1.0 wordpress plugin...

7.7AI score0.07038EPSS
Exploits2References2
Patchstack
Patchstack
added 2015/08/10 12:0 a.m.7 views

WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download

Simple Image Manipulator plugin is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Upgrade the plugin...

3.9AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2015/08/09 12:0 a.m.24 views

WordPress Simple Image Manipulator 1.0 File Download Vulnerability

WordPress Simple Image Manipulator plugin version 1.0 suffers from an arbitrary remote file download vulnerability. Title: Remote file download in simple-image-manipulator v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-16 Download Site:...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2015/08/05 12:0 a.m.21 views

WordPress Simple Image Manipulator 1.0 File Download

Title: Remote file download in simple-image-manipulator v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-16 Download Site: https://wordpress.org/plugins/simple-image-manipulator Vendor: https://profiles.wordpress.org/kevartpatel/ Vendor Notified: 2015-07-16 Vendor Contact:...

0.3AI score
Exploits0
wpexploit
wpexploit
added 2015/08/02 12:0 a.m.23 views

simple-image-manipulator <= 1.0 - Remote File Download

Plugin is still affected and has been closed. In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location. $ curl...

5CVSS1.6AI score0.07038EPSS
Exploits2References2
Rows per page
Query Builder