Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 16 Jul 2015 15:02:45 +0300
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE request: WordPress plugin sp-client-document-manager Blind SQL
 Injection

Can I get CVE identifier for WordPress plugin sp-client-document-manager Blind
SQL Injection vulnerability, thanks?

URL: https://wordpress.org/plugins/sp-client-document-manager/
Affected: 2.5.3 and previous version
Fixed in: 2.5.4
PoC:
/wordpress/wp-content/plugins/sp-client-document-manager/ajax.php?function=thumbnails&pid=[SQLi]
Changelog says for 2.5.4: "Fixed exploit in ajax (credit: rh3792@...er.com)"
More information: https://www.exploit-db.com/exploits/36576/

Please note that changelog also says: "2.5.7.3: Security fix, please update",
but I do not yet have more information about that issue.

-- 
Henri Salo

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ