Description

serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.

Remediation

References

CVE-2016-10752

Related Vulnerabilities

WordPress Plugin WP ULike Multiple Vulnerabilities (3.1)

WordPress Plugin WP Marketplace TimThumb Arbitrary File Upload (1.1.0)

WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Cross-Site Request Forgery (4.02.03)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4581)

WordPress Plugin UltimateWoo-The Ultimate WooCommerce with Unlimited Usage PHP Object Injection (0.1.10)

Severity

Critical

Classification

CVE-2016-10752 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities