CVE-2018-25105 – File Manager <= 3.0 - Unauthenticated Arbitrary File Upload/Download
https://notcve.org/view.php?id=CVE-2018-25105
The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in the /inc/root.php file in versions up to, and including, 3.0. This makes it possible for unauthenticated attackers to download arbitrary files from the server and upload arbitrary files that can be used for remote code execution. • https://www.wordfence.com/threat-intel/vulnerabilities/id/a56d5a2f-ae13-4523-bc4a-17bb2fb4c6f0?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=1942390%40wp-file-manager&new=1942390%40wp-file-manager&sfp_email=&sfph_mail= • CWE-862: Missing Authorization •
CVE-2018-7204 – Bit File Manager <= 5.0.0 - Information Disclosure
https://notcve.org/view.php?id=CVE-2018-7204
inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and contains database credentials, salts, etc. These files have been indexed by Google and a simple dork will find affected sites. inc/logger.php en el plugin Giribaz File Manager, en versiones anteriores a la 5.0.2, para WordPress registraba la actividad relacionada con el plugin en /wp-content/uploads/file-manager/log.txt. Si un usuario edita el archivo wp-config.php empleando este plugin, el contenido de wp-config.php se añade a log.txt, que no está protegido y contiene credenciales de base de datos, sales, etc. Estos archivos han sido indexados por Google y una simple búsqueda con Dork encontrará los sitios afectados. • https://plugins.trac.wordpress.org/changeset/1823035/file-manager https://wordpress.org/plugins/file-manager/#developers https://wpvulndb.com/vulnerabilities/9036 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2005-1602
https://notcve.org/view.php?id=CVE-2005-1602
SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field. • http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0134.html http://www.osvdb.org/16544 http://www.securityfocus.com/bid/13547 https://exchange.xforce.ibmcloud.com/vulnerabilities/20504 •