CVE-2014-1908
Broadcast Live Video – Live Streaming < 4.29.5 - Full Path Disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
La característica de manejo de error en (1) bp.php, (2) videowhisper_streaming.php, y (3) ls/rtmp.inc.php en el plugin VideoWhisper Live Streaming Integration anterior a 4.29.5 de WordPress permite a atacantes remotos obtener información sensible a través de una petición directa, la cual revela la ruta completa en un mensaje de error.
VideoWhisper Live Streaming Integration version 4.27.3 suffers from cross site scripting, remote shell upload, information exposure, and path traversal vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-02-07 CVE Reserved
- 2014-02-27 CVE Published
- 2014-02-28 First Exploit
- 2024-05-04 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/31986 | 2014-02-28 | |
https://www.htbridge.com/advisory/HTB23199 | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Videowhisper Search vendor "Videowhisper" | Videowhisper Live Streaming Integration Search vendor "Videowhisper" for product "Videowhisper Live Streaming Integration" | <= 4.27.4 Search vendor "Videowhisper" for product "Videowhisper Live Streaming Integration" and version " <= 4.27.4" | wordpress |
Affected
|