Описание
Directory traversal vulnerability in pageflipbook.php script from index.php in Page Flip Book plugin for WordPress (wppageflip) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pageflipbook_language parameter.
Ссылки
- http://ceriksen.com/2012/07/10/wordpress-a-page-flip-book-plugin-local-file-inclusion-vulnerability/ExploitThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- http://ceriksen.com/2012/07/10/wordpress-a-page-flip-book-plugin-local-file-inclusion-vulnerability/ExploitThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:page_flip_book_project:page_flip_book:-:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 84%
0.0221
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in pageflipbook.php script from index.php in Page Flip Book plugin for WordPress (wppageflip) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pageflipbook_language parameter.
EPSS
Процентиль: 84%
0.0221
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-22