Lucene search
RootSSV:61678HistoryMar 06, 2014 - 12:00 a.m.
WordPress VideoWhisper Live Streaming Integration多个信息泄漏漏洞
2014-03-0600:00:00
Root
www.seebug.org
15
0.01 Low
EPSS
Percentile
82.1%
Bugtraq ID:65880
CVE ID:CVE-2014-1908
WordPress是一种使用PHP语言开发的博客平台,用户可以在支持PHP和MySQL数据库的服务器上架设自己的网志。
WordPress VideoWhisper Live Streaming Integration多个脚本不正确实现错误处理机制,允许远程攻击者利用漏洞提交特制的HTTP GET请求,获取敏感应用信息。
0
WordPress VideoWhisper Live Streaming Integration 4.27.3
厂商补丁:
WordPress
WordPress VideoWhisper Live Streaming Integration 4.29.5已经修复该漏洞,建议用户下载更新:
http://wordpress.org/plugins/videowhisper-live-streaming-integration/
The following URL can be used to gain knowledge of full installation path of the application:
http://[host]/wp-content/plugins/videowhisper-live-streaming-integration
/bp.php
http://[host]/wp-content/plugins/videowhisper-live-streaming-integration
/videowhisper_streaming.php
http://[host]/wp-content/plugins/videowhisper-live-streaming-integration
/ls/rtmp.inc.php
Related
prion
prion
Design/Logic Flaw
2014-12-29 20:59:00
patchstack
patchstack
cve
cve
CVE-2014-1908
2014-12-29 20:59:00
cvelist
cvelist
CVE-2014-1908
2014-12-29 20:00:00
wpvulndb
wpvulndb
VideoWhisper Live Streaming Integration 4.27.3 - Multiple Vulnerabilities
2014-08-01 00:00:00
securityvulns
securityvulns
htbridge
htbridge
packetstorm
packetstorm
exploitpack
exploitpack
WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities
2014-02-28 00:00:00
openvas
openvas
WordPress VideoWhisper Live Streaming Integration Multiple Vulnerabilities
2014-04-01 00:00:00
exploitdb
exploitdb
WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities
2014-02-28 00:00:00