NVD

Id
45162  
Name
CVE-2012-3574  
Description
Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/temp.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-06-15  
Modified Date
2012-08-08  
Seq
2012-3574  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
226664 45162 CVE-2012-3574 18997  View
226665 45162 CVE-2012-3574 http://www.opensyscom.fr/Actualites/wordpress-plugins-mm-forms-community-shell-upload-vulnerability.html  View
226666 45162 CVE-2012-3574 53852  View
226667 45162 CVE-2012-3574 wp-mmforms-doajaxfileupload-file-upload(76133)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27056 JVNDB-2012-002763 WordPress 用 MM Forms Community プラグインにおける任意のコードを実行される脆弱性 WordPress 用 MM Forms Community プラグインの includes/doajaxfileupload.php には、任意のコードを実行される脆弱性が存在します。 CVE-2012-3574 56812 CVE-2012-3574 45162 7.5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002763.html 2012-06-16 2012-06-19 View