13 matches found
EUVD-2015-1015
Malware in sbrugna...
Wordpress wptf-image-gallery information disclosure vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. wptf-image-gallery is one of the gallery plugin for full-screen display. An information disclosure vulnerability exists in Wordpress wptf-image-gallery plugin v1.03, which can be exploited ...
CVE-2015-1000007
Remote file download vulnerability in wptf-image-gallery v1.03...
Remote file inclusion
Remote file download vulnerability in wptf-image-gallery v1.03...
CVE-2015-1000007
CVE-2015-1000007 corresponds to a remote file download vulnerability in the WordPress plugin “wptf-image-gallery” v1.03. The issue arises in the plugin’s file handling in lib-mbox/ajax_load.php, where user input is not properly sanitized and access control is not enforced, enabling an unauthentic...
CVE-2015-1000007
Remote file download vulnerability in wptf-image-gallery v1.03...
WordPress WPTF Image Gallery 1.03 File Download Vulnerability
WordPress WPTF Image Gallery plugin version 1.03 suffers from an arbitrary remote file download vulnerability. Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-galler...
WordPress WPTF Image Gallery Plugin 1.0.3 - Aribtrary File Download
WPTF Image Gallery plugin is prone to an arbitrary file download vulnerability via "/wptf-image-gallery/lib-mbox/ajaxload.php ". It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Upgrade the plugin...
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-gallery Vendor:...
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download
Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-gallery Vendor: https://profiles.wordpress.org/sakush100/ Vendor Notified: 0000-00-00 Vendor Contact:...
WordPress WPTF Image Gallery 1.03 File Download
Title: Remote file download vulnerability in wptf-image-gallery v1.03 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-17 Download Site: https://wordpress.org/plugins/wptf-image-gallery Vendor: https://profiles.wordpress.org/sakush100/ Vendor Notified: 0000-00-00 Vendor Contact:...
wptf-image-gallery 1.0.3 - Remote File Download
Plugin is still affected and has been closed. The ./wptf-image-gallery/lib-mbox/ajaxload.php code doesn't sanitize user input or check that a user is authorized to download files. This allows an unauthenticated user to download sensitive system files: 1 PoC $ curl...
wptf-image-gallery 1.0.3 - Remote File Download
Plugin is still affected and has been closed. The ./wptf-image-gallery/lib-mbox/ajaxload.php code doesn't sanitize user input or check that a user is authorized to download files. This allows an unauthenticated user to download sensitive system files: 1 $ curl...