Описание
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-0896
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72385
- http://osvdb.org/78270
- http://packetstormsecurity.org/files/108631/countperday-downloadxss.txt
- http://plugins.trac.wordpress.org/changeset/488883/count-per-day
- http://secunia.com/advisories/47529
- http://wordpress.org/extend/plugins/count-per-day/changelog
- http://www.exploit-db.com/exploits/18355
- http://www.securityfocus.com/bid/51402
Связанные уязвимости
nvd
почти 14 лет назад
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.