Lucene search
Dmitrii IgnatyevWPVDB-ID:64F2557F-C5E4-4779-9E28-911DFAF2DDA5HistoryNov 21, 2023 - 12:00 a.m.
Quttera Web Malware Scanner < 3.4.2.1 - Directory Listing to Sensitive Data Exposure
2023-11-2100:00:00
Dmitrii Ignatyev
wpscan.com
11
quttera web scanner
directory listing
sensitive data
Description The plugin doesn’t restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site’s code
PoC
http://your_site/wordpress/wp-content/plugins/quttera-web-malware-scanner/runtime.log http://your_site/wordpress/wp-content/plugins/quttera-web-malware-scanner/quttera_wp_report.txt
Related
nuclei
nuclei
Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure
2024-05-16 10:29:53
nvd
nvd
CVE-2023-6065
2023-12-18 20:15:08
cve
cve
CVE-2023-6065
2023-12-18 20:15:08
wpexploit
wpexploit
prion
prion
Code injection
2023-12-18 20:15:00
cvelist
cvelist
wordfence
wordfence
AI Score
9.1
Confidence
High
EPSS
0.001
Percentile
43.7%
Related for WPVDB-ID:64F2557F-C5E4-4779-9E28-911DFAF2DDA5