Lucene search
Larry CashdollarWPEX-ID:934940FF-BF21-4FF4-B72F-1B73ACE8F3BEHistoryJun 06, 2015 - 12:00 a.m.
SE HTML5 Album Audio Player <= 1.1.0 - Local File Include
2015-06-0600:00:00
Larry Cashdollar
9
EPSS
0.125
Percentile
95.5%
The se-html5-album-audio-player v1.1.0 plugin for wordpress has a local file include vulnerability. The download_audio.php file does not check to see if the user is authenticated, it only attempts to check if the path is in /wp-content/uploads which is easily defeated with …/.
http://www.example.com/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwdRelated
nvd
nvd
CVE-2015-4414
2015-06-17 18:59:08
zdt
zdt
prion
prion
Directory traversal
2015-06-17 18:59:00
cvelist
cvelist
CVE-2015-4414
2015-06-17 18:00:00
exploitdb
exploitdb
WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
2015-06-12 00:00:00
nuclei
nuclei
WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
2021-09-27 11:02:48
cve
cve
CVE-2015-4414
2015-06-17 18:59:08
packetstorm
packetstorm
WordPress SE HTML5 Album Audio Player 1.1.0 Directory Traversal
2015-06-11 00:00:00
wpvulndb
wpvulndb
SE HTML5 Album Audio Player <= 1.1.0 - Local File Include
2015-06-06 00:00:00
openvas
openvas