Lucene search
MitreCVE-2014-10021HistoryJan 13, 2015 - 11:59 a.m.
CVE-2014-10021
2015-01-1311:59:28
mitre
web.nvd.nist.gov
34
vulnerability
file upload
wp symposium plugin
wordpress
cve-2014-10021
security
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.91
Percentile
98.9%
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/.
Affected configurations
Node
wpsymposiumprowp_symposiumMatch14.11wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpsymposiumpro | wp_symposium | 14.11 | cpe:2.3:a:wpsymposiumpro:wp_symposium:14.11:*:*:*:*:wordpress:*:* |
Related
patchstack
patchstack
WordPress Symposium Plugin 14.11 - Shell Upload
2015-01-13 00:00:00
prion
prion
Unrestricted file upload
2015-01-13 11:59:00
nvd
nvd
CVE-2014-10021
2015-01-13 11:59:28
checkpoint_advisories
checkpoint_advisories
WordPress Symposium Plugin Unauthenticated Shell Upload (CVE-2014-10021)
2014-12-31 00:00:00
cvelist
cvelist
CVE-2014-10021
2015-01-13 11:00:00
exploitdb
exploitdb
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload
2014-12-15 00:00:00
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload (Metasploit)
2015-01-13 00:00:00
nessus
nessus
WP Symposium Plugin Arbitrary File Upload
2017-12-19 00:00:00
wpvulndb
wpvulndb
WP Symposium <= 14.11 - Unauthenticated Shell Upload
2014-12-11 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.91
Percentile
98.9%
Related for CVE-2014-10021