Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60619
HistoryFeb 03, 2013 - 12:00 a.m.

Wordpress Gallery插件'load'参数远程文件包含漏洞

2013-02-0300:00:00
Root
www.seebug.org
13

EPSS

0.003

Percentile

69.8%

JSON

Bugtraq ID:57650
CVE ID: CVE-2012-4919

WordPress Gallery是一款用于Wordpress的图库插件。
通过"load"参数提交给wp-content/plugins/wordpress-gallery/functions/update_order.ph的输入在用于包含文件之前缺少校验,允许攻击者利用漏洞包含远程文件,并以WEB权限执行任意代码。
0
WordPress Gallery Plugin 1.x
厂商解决方案

目前没有详细解决方案提供:
http://wordpress.org/extend/plugins/wordpress-gallery/

Related

prion 1
cvelist 1
nvd 1
wpvulndb 1
nessus 1
cve 1
prion
prion
Remote file inclusion
2020-01-22 19:15:00
cvelist
cvelist
CVE-2012-4919
2020-01-22 18:03:01
nvd
nvd
CVE-2012-4919
2020-01-22 19:15:10
wpvulndb
wpvulndb
Gallery - "load" Remote File Inclusion
2014-08-01 10:58:57
nessus
nessus
Gallery Plugin for WordPress 'load' Parameter Remote File Inclusion
2013-02-11 00:00:00
cve
cve
CVE-2012-4919
2020-01-22 19:15:10

EPSS

0.003

Percentile

69.8%

JSON
Related for SSV:60619
prion1cvelist1nvd1wpvulndb1nessus1cve1