WordPress Swim Team plugin 'download.php' Arbitrary File Download Vulnerability
Release date:
Updated on:
Affected Systems:
WordPress Swim Team 1.44.10777
WordPress Swim Team
Description:
Bugtraq id: 75600
CVE (CAN) ID: CVE-2015-5471
Swim Team is a WordPress plugin for swim team management.
Swim Team 1.44.20.77 and other versions contain an arbitrary file download vulnerability in 'download.php'. Attackers can exploit it to download arbitrary files.
<* Source: Larry W. Cashdollar (lwc@vapid.dhs.org)
Link: https://www.exploit-db.com/exploits/37601/
*>
Test method:
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Use them at your own risk!
http://www.example.com/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress
Suggestion:
Vendor patch:
WordPress
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
https://wordpress.org/plugins/wp-swimteam/
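To check whether the endpoint was probed before the patch was applied, the following added example (not part of the original advisory or the plugin's code) scans web access log lines for requests to download.php whose file parameter resolves outside an expected directory. The ALLOWED_DIRS value, the combined log format and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import parse_qs, urlsplit

# Endpoint and the `file` parameter are taken from the advisory's test URL.
ENDPOINT = "/wp-content/plugins/wp-swimteam/include/user/download.php"
# Assumption: the only directory this site expects downloads to come from.
ALLOWED_DIRS = ("/usr/share/wordpress/wp-content/uploads/",)

# Client address, request target and status from a combined-format log line.
LOG_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def scan(lines):
    """Return (client, file_value, status) for each request to the endpoint
    whose `file` parameter resolves outside ALLOWED_DIRS."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        url = urlsplit(target)
        if not posixpath.normpath(url.path).endswith(ENDPOINT):
            continue
        # parse_qs percent-decodes each value once.
        for raw in parse_qs(url.query).get("file", []):
            resolved = posixpath.normpath(raw)  # collapses ../ sequences
            if not resolved.startswith(ALLOWED_DIRS):
                hits.append((client, raw, int(status)))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
UPLOADS = ALLOWED_DIRS[0]
SAMPLE_LOG = [
    f'192.0.2.10 - - [01/Jul/2015:10:00:00 +0000] "GET {ENDPOINT}?file=/etc/passwd'
    '&filename=/etc/passwd&contenttype=text/html&transient=1'
    '&abspath=/usr/share/wordpress HTTP/1.1" 200 1432',
    f'192.0.2.11 - - [01/Jul/2015:10:01:00 +0000] "GET {ENDPOINT}'
    f'?file={UPLOADS}../../../../../etc/passwd&transient=1 HTTP/1.1" 404 210',
    f'192.0.2.12 - - [01/Jul/2015:10:02:00 +0000] "GET {ENDPOINT}'
    f'?file={UPLOADS}roster.csv&filename=roster.csv HTTP/1.1" 200 5120',
    '192.0.2.13 - - [01/Jul/2015:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit with status 200 means the server answered the request and is worth following up against the file that was named; other statuses still show the endpoint was probed.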