CVE

Id
81410  
CVE No.
CVE-2015-4133  
Status
Candidate  
Description
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory.  
Phase
Assigned (20150528)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
732303 81410 CVE-2015-4133 EXPLOIT-DB:36809  View
732304 81410 CVE-2015-4133 URL:https://www.exploit-db.com/exploits/36809/  View
732305 81410 CVE-2015-4133 MISC:http://packetstormsecurity.com/files/130845/  View
732306 81410 CVE-2015-4133 MISC:http://packetstormsecurity.com/files/131515/  View
732307 81410 CVE-2015-4133 MISC:https://wpvulndb.com/vulnerabilities/7867  View
732308 81410 CVE-2015-4133 CONFIRM:https://wordpress.org/plugins/reflex-gallery/changelog/  View
732309 81410 CVE-2015-4133 BID:57100  View
732310 81410 CVE-2015-4133 URL:http://www.securityfocus.com/bid/57100  View
732311 81410 CVE-2015-4133 OSVDB:88853  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
7759 JVNDB-2015-003079 Cisco IOS の TCL インタプリタにおける権限を取得される脆弱性 Cisco IOS の TCL インタプリタは、vty の状態を適切に保持しないため、権限を取得される脆弱性が存在します。 CVE-2015-4185 81410 6.9 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003079.html  View