Lucene search
PRIOn knowledge basePRION:CVE-2018-7204HistoryMar 07, 2018 - 8:29 p.m.
Design/Logic Flaw
2018-03-0720:29:00
PRIOn knowledge base
www.prio-n.com
4
0.002 Low
EPSS
Percentile
52.0%
inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and contains database credentials, salts, etc. These files have been indexed by Google and a simple dork will find affected sites.
| CPE | Name | Operator | Version |
|---|---|---|---|
| file_manager | le | 5.0.0 |
Related
nvd
nvd
CVE-2018-7204
2018-03-07 20:29:00
wpvulndb
wpvulndb
File Manager <= 5.0.0 - Information Disclosure
2018-03-02 00:00:00
patchstack
patchstack
WordPress File Manager plugin <=5.0.0 - Information Disclosure vulnerability
2018-03-02 00:00:00
cve
cve
CVE-2018-7204
2018-03-07 20:29:00
wpexploit
wpexploit
File Manager <= 5.0.0 - Information Disclosure
2018-03-02 00:00:00
cvelist
cvelist
CVE-2018-7204
2018-03-07 20:00:00