Summary
This host is installed with WordPress
ShortCode Plugin and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow
attacker to read arbitrary files on the target system.
Impact Level: System/Application
Solution
Upgrade to version 1.1 or later,
For updates refer to http://wordpress.org/plugins/download-shortcode
Insight
Input passed via the 'file' parameter
to force-download.php script is not properly sanitized before being returned to the user
Affected
WordPress Download Shortcode plugin
version 0.2.3 and earlier.
Detection
Send a crafted data via HTTP GET
request and check whether it is possible to read a local file
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2014-5465 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- /doc directory browsable ?
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- Apache Struts2/XWork Remote Command Execution Vulnerability