Summary
This host is installed with Wordpress NextGEN Gallery Plugin and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow remote attackers to read arbitrary file details on the target system.
Impact Level: Application
Solution
Upgrade to WordPress NextGEN Gallery version 2.0.7 or later, For updates refer to http://wordpress.org/plugins/nextgen-gallery
Insight
Flaw is due to the 'jquery.filetree/connectors/jqueryFileTree.php' script not properly sanitizing user input, specifically absolute paths passed via 'file' POST parameters.
Affected
WordPress NextGEN Gallery Plugin version 2.0.0, Other versions may also be affected.
Detection
Send a crafted data via HTTP GET request and check whether it is able to read local directory list or not.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- Apache CouchDB Cross Site Request Forgery Vulnerability
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability