CVE-2014-9521
Summary
- Public Exploits: 0
- Exploited in Wild: -
- Decision: -

Description
Unrestricted file upload vulnerability in uploadScript.php in InfiniteWP Admin Panel before 2.4.4, when the allWPFiles query parameter is set, allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the uploads directory, as demonstrated by the .php.swp filename.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2015-01-05 CVE Reserved
- 2015-01-05 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://seclists.org/fulldisclosure/2014/Dec/43 | Mailing List | |
https://lifeforms.nl/20141210/infinitewp-vulnerabilities | x_refsource_MISC | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Infinitewp | Infinitewp | <= 2.4.3 | - | Affected |