Page 4 of 25 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration). El plugin Imagely NextGen Gallery para Wordpress en versiones anteriores a la 2.1.57 no valida correctamente las entradas de usuario en el parámetro cssfile de una petición HTTP POST. Esto podría permitir que un usuario autenticado lea archivos arbitrarios del servidor o ejecute código arbitrario en el servidor en algunas circunstancias (depende de la configuración del servidor). • https://www.kb.cert.org/vuls/id/346175 https://www.securityfocus.com/bid/94356 • CWE-20: Improper Input Validation CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •

CVSS: 9.0EPSS: 0%CPEs: 70EXPL: 0

In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php. En post-new.php en el plugin Photocrati NextGEN Gallery 2.1.10 para WordPress, la subida de archivos sin restricción está disponible mediante el parámetro name, si se cambia una extensión de archivo de .jpg a .php. • http://www.openwall.com/lists/oss-security/2015/10/27/6 https://cybersecurityworks.com/zerodays/cve-2015-9228-crony.html https://github.com/cybersecurityworks/Disclosed/issues/6 https://packetstormsecurity.com/files/135061/WordPress-NextGEN-Gallery-2.1.10-Shell-Upload.html https://wordpress.org/plugins/nextgen-gallery/#developers https://wpvulndb.com/vulnerabilities/9758 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 3

The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos, and wmYpos, and template. El plugin NextGEN Gallery versiones anteriores a 2.1.10 para WordPress, presenta múltiples problemas de tipo XSS que involucran a los parámetros thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos y wmYpos, y template. • https://cybersecurityworks.com/zerodays/cve-2015-9537-nextgen.html https://github.com/cybersecurityworks/Disclosed/issues/1 https://wordpress.org/plugins/nextgen-gallery/#developers https://www.openwall.com/lists/oss-security/2015/10/27/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 5

The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection. El plugin NextGEN Gallery versiones anteriores a 2.1.15 para WordPress, permite un Salto de Directorio de ../ en la selección de ruta. • https://cxsecurity.com/issue/WLB-2015080165 https://cybersecurityworks.com/zerodays/cve-2015-9538-nextgen.html https://github.com/cybersecurityworks/Disclosed/issues/2 https://packetstormsecurity.com/files/135114/WordPress-NextGEN-Gallery-2.1.15-Cross-Site-Scripting-Path-Traversal.html https://wordpress.org/plugins/nextgen-gallery/#developers https://www.openwall.com/lists/oss-security/2015/08/28/4 https://www.openwall.com/lists/oss-security/2015/09/01/7 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests. En el plugin nextgen-galery de wordpress versiones anteriores a 2.0.77.3, se presentan dos vulnerabilidades que pueden permitir a un atacante conseguir acceso completo sobre la aplicación web. Las vulnerabilidades radican en cómo la aplicación comprueba los archivos subidos por el usuario y en la falta de medidas de seguridad que impidan las peticiones HTTP no deseadas • https://blog.nettitude.com/uk/crsf-and-unsafe-arbitrary-file-upload-in-nextgen-gallery-plugin-for-wordpress https://wpscan.com/vulnerability/c894727a-b779-4583-a860-13c2c27275d4 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-434: Unrestricted Upload of File with Dangerous Type •