5 matches found
CVE-2016-20064
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the include functionality. Attackers can supply directory traversal sequences through the wpv-image GET parameter to access sensitiv...
CVE-2016-20064 WP Vault 0.8.6.6 Local File Inclusion via wpv-image Parameter
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the include functionality. Attackers can supply directory traversal sequences through the wpv-image GET parameter to access sensitiv...
CVE-2016-20064 WP Vault 0.8.6.6 Local File Inclusion via wpv-image Parameter
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the include functionality. Attackers can supply directory traversal sequences through the wpv-image GET parameter to access sensitiv...
CVE-2016-20064
CVE-2016-20064 affects WP Vault 0.8.6.6, where an unauthenticated attacker can trigger a local file inclusion via an unescaped wpv-image GET parameter. The vulnerability allows traversal to access sensitive files (e.g., system configuration) due to improper handling in the include function. Accor...
WordPress plugin WP Vault 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...