Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2015-9463First vendor Publication2019-10-10
VendorCveLast vendor Modification2019-10-15

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9463

CWE : Common Weakness Enumeration

%idName
100 %CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Sources (Detail)

SourceUrl
MISC http://packetstormsecurity.com/files/132578/
https://wordpress.org/plugins/s3bubble-amazon-s3-audio-streaming/#developers

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-10-16 05:19:27
  • Multiple Updates
2019-10-11 00:19:58
  • Multiple Updates
2019-10-10 21:19:50
  • First insertion