13 matches found
EUVD-2015-1015
Malware in sbrugna...
Wordpress wptf-image-gallery information disclosure vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. wptf-image-gallery is one of the gallery plugin for full-screen display. An information disclosure vulnerability exists in Wordpress wptf-image-gallery plugin v1.03, which can be exploited ...
CVE-2015-1000007
Remote file download vulnerability in wptf-image-gallery v1.03...
Remote file inclusion
Remote file download vulnerability in wptf-image-gallery v1.03...
CVE-2015-1000007
Remote file download vulnerability in wptf-image-gallery v1.03...
CVE-2015-1000007
CVE-2015-1000007 corresponds to a remote file download vulnerability in the WordPress plugin “wptf-image-gallery” v1.03. The issue arises in the plugin’s file handling in lib-mbox/ajax_load.php, where user input is not properly sanitized and access control is not enforced, enabling an unauthentic...
WordPress WPTF Image Gallery 1.03 File Download Vulnerability
WordPress WPTF Image Gallery plugin version 1.03 suffers from an arbitrary remote file download vulnerability. Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-galler...
WordPress WPTF Image Gallery Plugin 1.0.3 - Aribtrary File Download
WPTF Image Gallery plugin is prone to an arbitrary file download vulnerability via "/wptf-image-gallery/lib-mbox/ajaxload.php ". It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Upgrade the plugin...
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download
Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-gallery Vendor: https://profiles.wordpress.org/sakush100/ Vendor Notified: 0000-00-00 Vendor Contact:...
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-gallery Vendor:...
WordPress WPTF Image Gallery 1.03 File Download
Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-gallery Vendor: https://profiles.wordpress.org/sakush100/ Vendor Notified: 0000-00-00 Vendor Contact:...
wptf-image-gallery 1.0.3 - Remote File Download
Plugin is still affected and has been closed. The ./wptf-image-gallery/lib-mbox/ajaxload.php code doesn't sanitize user input or check that a user is authorized to download files. This allows an unauthenticated user to download sensitive system files: 1 PoC $ curl...
wptf-image-gallery 1.0.3 - Remote File Download
Plugin is still affected and has been closed. The ./wptf-image-gallery/lib-mbox/ajaxload.php code doesn't sanitize user input or check that a user is authorized to download files. This allows an unauthenticated user to download sensitive system files: 1 $ curl...