WordPress Theme Daily Deal - Arbitrary File Upload
| EKU-ID: 43186 | CVE: OSVDB-98924 | OSVDB-ID: |
| Author: DevilScreaM | Published: 2013-10-23 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43186 | CVE: OSVDB-98924 | OSVDB-ID: |
| Author: DevilScreaM | Published: 2013-10-23 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/63257/info The Daily Deal theme is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. http://www.example.com/wp-content/themes/DailyDeal/monetize/upload/