history-collection Plugin up to 1.1.1 on WordPress download.php var directory traversal – DigitalMunition




Exploit Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on October 11th, 2019 📆 | 1811 Views ⚑

0

history-collection Plugin up to 1.1.1 on WordPress download.php var directory traversal

CVSS Meta Temp Score Current Exploit Price (≈)
5.5 $0-$5k

A vulnerability classified as critical has been found in history-collection Plugin up to 1.1.1 on WordPress (WordPress Plugin). Affected is an unknown code block of the file download.php. The manipulation of the argument var as part of a Parameter leads to a directory traversal vulnerability. CWE is classifying the issue as CWE-22. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was released 10/10/2019. This vulnerability is traded as CVE-2015-9470 since 10/10/2019. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 10/10/2019).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Type

Name

VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.5

VulDB Base Score: ≈5.5
VulDB Temp Score: ≈5.5
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Directory traversal (CWE-22)
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: no mitigation known

0-Day Time: 🔒

10/10/2019 Advisory disclosed
10/10/2019 +0 days VulDB entry created
10/10/2019 +0 days CVE assigned
10/10/2019 +0 days VulDB last update
CVE: CVE-2015-9470 (🔒)Created: 10/10/2019 09:37 PM
Complete: 🔍

Check our Alexa App!

https://vuldb.com/?id.143316

Download Nulled WordPress Themes
Download Premium WordPress Themes Free
Free Download WordPress Themes
Premium WordPress Themes Download
online free course

Tagged with:



Leave a Reply ✍


loading...