CVE-2012-1125 – Kish Guest Posting <= 1.1 - Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2012-1125

Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter. Vulnerabilidad de subida de archivos sin restricción en uploadify/scripts/uploadify.php en el plugin Kish Guest Posting anterior a v1.2 para WordPress, permite a atacantes remotos ejecutar código de su elección subiendo un archivo con una extensión PHP, después accediendo al mismo a través de una petición al fichero en el directorio especificado por el parámetro folder. The Kish Guest Posting plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify/scripts/uploadify.php file in versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. • https://www.exploit-db.com/exploits/18412 http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php http://secunia.com/advisories/47688 http://www.exploit-db.com/exploits/18412 http://www.openwall.com/lists/oss-security/2012/03/06/11 http://www.openwall.com/lists/oss-security/2012/03/06/3 http&# • CWE-434: Unrestricted Upload of File with Dangerous Type •