Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 24 Jul 2014 21:11:24 +0300
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Subject: CVE request: WordPress plugin vitamin traversal arbitrary file
 access 

Can I get 2012 CVE for WordPress plugin vitamin path parameter traversal
arbitrary file access vulnerability, thanks. Files: add_headers.php, minify.php

Affected: 1.0
Fixed in: 1.1

Short description of plugin:

 Vitamin is about SEO, speed and security. It includes sitemaps for SEO, cache
 for speed, antispam and hacker blocks for security. 

Plugin page: http://wordpress.org/plugins/vitamin/
Changelog: http://wordpress.org/plugins/vitamin/changelog/
OSVDB: http://osvdb.org/84463 http://osvdb.org/84464
SCM: https://plugins.trac.wordpress.org/changeset/582232/vitamin

---
Henri Salo

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ