Summary
This host is running WordPress Social Discussions Plugin and is prone to remote file inclusion and full path disclosure vulnerabilities.
Impact
Successful exploitation could allow attackers to attackers to execute arbitrary PHP code and to gain sensitive information like installation path location.
Impact Level: Application
Solution
Update to version 6.1.2 or later,
For updates refer to http://wordpress.org/extend/plugins/social-discussions
Insight
The flaws are due to
- Improper validation of user-supplied input to the 'HTTP_ENV_VARS' parameter in 'social-discussions-networkpub_ajax.php'.
- Error in the social-discussions/social-discussions-networkpub.php, social-discussions/social-discussions.php and
social-discussions/social_discussions_service_names.php, which reveals the full installation path of the script.
Affected
WordPress Social Discussions Plugin version 6.1.1
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Apache Solr Directory Traversal Vulnerability Jan-14
- Adobe ColdFusion HTTP Response Splitting Vulnerability
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability