History: Sep 30, 2013 - 10:55 p.m.

CVE-2013-5962

2013-09-30 22:55:03
mitre
web.nvd.nist.gov
40
cve-2013-5962
vulnerability
file upload
frames/upload-images.php
complete gallery manager
wordpress
remote code execution
nvd

CVSS2: 5.1
Attack Vector: NETWORK
Attack Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score: 8
Confidence: Low

EPSS: 0.718
Percentile: 98.1%

Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin before 3.3.4 rev40279 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/[year]/[month]/.

Affected configurations

Nvd
Node (entries joined by OR)
envato complete_gallery_manager_plugin Range 3.3.3 rev39177
envato complete_gallery_manager_plugin Match 1.0.0 rev25273
envato complete_gallery_manager_plugin Match 1.0.1 rev25421
envato complete_gallery_manager_plugin Match 1.0.2 rev25487
envato complete_gallery_manager_plugin Match 2.0.0 rev27524
envato complete_gallery_manager_plugin Match 2.0.1 rev27876
envato complete_gallery_manager_plugin Match 2.0.2 rev28693
envato complete_gallery_manager_plugin Match 2.0.3 rev28734
envato complete_gallery_manager_plugin Match 3.0.0 rev29469
envato complete_gallery_manager_plugin Match 3.0.1 rev29536
envato complete_gallery_manager_plugin Match 3.1.0 rev30003
envato complete_gallery_manager_plugin Match 3.1.1 rev30900
envato complete_gallery_manager_plugin Match 3.2.0 rev31030
envato complete_gallery_manager_plugin Match 3.2.1 rev33197
envato complete_gallery_manager_plugin Match 3.2.2 rev33971
envato complete_gallery_manager_plugin Match 3.2.3 rev34390
envato complete_gallery_manager_plugin Match 3.2.4 rev34757
envato complete_gallery_manager_plugin Match 3.2.5 rev34942
envato complete_gallery_manager_plugin Match 3.2.6 rev36235
envato complete_gallery_manager_plugin Match 3.2.7 rev36257
envato complete_gallery_manager_plugin Match 3.2.8 rev36369
envato complete_gallery_manager_plugin Match 3.3.0 rev36620
envato complete_gallery_manager_plugin Match 3.3.1 rev38906
envato complete_gallery_manager_plugin Match 3.3.2 rev39009

Vendor | Product | Version | CPE
envato | complete_gallery_manager_plugin | * | cpe:2.3:a:envato:complete_gallery_manager_plugin:*:rev39177:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 1.0.0 | cpe:2.3:a:envato:complete_gallery_manager_plugin:1.0.0:rev25273:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 1.0.1 | cpe:2.3:a:envato:complete_gallery_manager_plugin:1.0.1:rev25421:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 1.0.2 | cpe:2.3:a:envato:complete_gallery_manager_plugin:1.0.2:rev25487:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 2.0.0 | cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.0:rev27524:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 2.0.1 | cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.1:rev27876:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 2.0.2 | cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.2:rev28693:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 2.0.3 | cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.3:rev28734:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 3.0.0 | cpe:2.3:a:envato:complete_gallery_manager_plugin:3.0.0:rev29469:*:*:*:*:*:*
envato | complete_gallery_manager_plugin | 3.0.1 | cpe:2.3:a:envato:complete_gallery_manager_plugin:3.0.1:rev29536:*:*:*:*:*:*