Summary
Wordpress theme 'Method' is prone to an arbitrary file download vulnerability
Impact
Exploiting this issue could allow an attacker to compromise the application and the underlying system
other attacks are also
possible.
Solution
Ask the vendor for an update
Detection
Send a crafted HTTP GET request and check the response
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
- Apple Safari RSS Feed Information Disclosure Vulnerability
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- Advantech Studio 'NTWebServer.exe' Directory Traversal Vulnerability