Lucene search
PRIOn knowledge basePRION:CVE-2011-4106HistoryOct 26, 2013 - 4:55 p.m.
Design/Logic Flaw
2013-10-2616:55:00
PRIOn knowledge base
www.prio-n.com
4
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011.
References
markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/
markmaunder.com/2011/08/02/technical-details-and-scripts-of-the-wordpress-timthumb-php-hack/
www.binarymoon.co.uk/2011/08/timthumb-2/
www.openwall.com/lists/oss-security/2011/11/03/4
code.google.com/p/timthumb/issues/detail?id=212
www.exploit-db.com/exploits/17602
www.exploit-db.com/exploits/17872
Related
dsquare
dsquare
Wordpress Vk Gallery 1.1.0 File Upload
2012-02-09 00:00:00
Wordpress LISL Last Image Slider 1.0 File Upload
2012-02-09 00:00:00
Wordpress Kino Gallery 1.0 File Upload
2012-02-09 00:00:00
cvelist
cvelist
CVE-2011-4106
2022-10-03 16:15:13
cve
cve
CVE-2011-4106
2022-10-03 16:15:13
patchstack
patchstack
WordPress TimThumb Plugin 1.32 - Remote Code Execution
2011-08-03 00:00:00
nvd
nvd
CVE-2011-4106
2013-10-26 16:55:03
nessus
nessus
TimThumb Cache Directory 'src' Parameter Arbitrary PHP File Upload
2011-11-08 00:00:00
wpvulndb
wpvulndb
Extend 1.3.7 - Shell Upload
2014-08-01 10:58:53
impervablog
impervablog
CrimeOps of the KashmirBlack Botnet – Part II
2020-10-22 18:55:05