Test Kennung:	1.3.6.1.4.1.25623.1.0.804769
Kategorie:	Web application abuses
Titel:	WordPress Infusionsoft Gravity Forms Add-on Arbitrary File Upload Vulnerability
Zusammenfassung:	This host is installed with WordPress; Infusionsoft Gravity Forms Add-on and is prone to remote file upload; vulnerability.
Beschreibung:	Summary: This host is installed with WordPress Infusionsoft Gravity Forms Add-on and is prone to remote file upload vulnerability. Vulnerability Insight: Flaw is due to the plugin failed to restrict access to certain files. Vulnerability Impact: Successful exploitation will allow an unauthenticated remote attacker to upload files in an affected site. Affected Software/OS: WordPress Infusionsoft Gravity Forms Add-on version 1.5.3 to 1.5.10 Solution: Upgrade to version 1.5.11 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6446 http://www.exploit-db.com/exploits/34925 http://packetstormsecurity.com/files/131002/Wordpress-InfusionSoft-Shell-Upload.html http://research.g0blin.co.uk/cve-2014-6446/ http://osvdb.org/show/osvdb/112171
Copyright	Copyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.