Summary
This host is installed with the WordPress Shopping Cart Plugin and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to gain sensitive information or to upload arbitrary PHP code and run it in the context of the Web server process.
Impact Level: Application
Solution
Upgrade to WordPress Shopping Cart Plugin 8.1.15 or later. For updates refer to http://wordpress.org/extend/plugins/levelfourstorefront/
Insight
Input passed via the 'reqID' parameter to backup.php, dbuploaderscript.php, exportsubscribers.php, emailimageuploaderscript.php and productuploaderscript.php is not properly sanitised, which allows an attacker to execute SQL commands or to upload files with arbitrary extensions to a folder inside the webroot.
Affected
WordPress Shopping Cart plugin version 8.1.14
References
- http://packetstormsecurity.com/files/119217/WordPress-Shopping-Cart-8.1.14-Shell-Upload-SQL-Injection.html
- http://secunia.com/advisories/51690
- http://www.osvdb.org/88856
- http://www.osvdb.org/88857
- http://www.osvdb.org/88858
- http://www.osvdb.org/88863
- http://xforce.iss.net/xforce/xfdb/80932
Updated on 2015-03-25
Severity
CVSS Base Score: 7.5
CVSS Base Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P