Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
Date: Mon, 06 Mar 2017 12:32:30 -0500
From: "Larry W. Cashdollar" <larry0@...com>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: Remote file upload vulnerabilities in multiple wordpress plugins


Hello,

All of these plugins include unlicensed software developed by http://www.invedion.com/ that is vulnerable. I am unable to get
more details from the vendor as to what the software name and version are and therefore can't issue a CVE for just
that software.  I've issued CVEs for the impacted plugins I know of:

CVE-2017-1002000
Remote file upload vulnerability in WordPress Plugin mobile-friendly-app-builder-by-easytouch v3.0
Example: http://example.com/wordpress/wp-content/plugins/mobile-friendly-app-builder-by-easytouch/server/images.php
http://www.vapidlabs.com/advisory.php?v=179

CVE-2017-1002001
Remote file upload vulnerability in WordPress Plugin mobile-app-builder-by-appress v1.05
Example: http://example.com/wordpress/wp-content/plugins/mobile-app-builder-by-wappress/server/images.php
http://www.vapidlabs.com/advisory.php?v=180

CVE-2017-1002002
Remote file upload vulnerability in WordPress Plugin webapp-builder v2.0
Example: http://example.com/wordpress/wp-content/plugins/webapp-builder/server/images.php
http://www.vapidlabs.com/advisory.php?v=181


CVE-2017-1002003
Remote file upload vulnerability in WordPress Plugin wp2android-turn-wp-site-into-android-app v1.1.4
Example: http://example.com/wordpress/wp-content/plugins/wp2android-turn-wp-site-into-android-app/server/images.php
http://www.vapidlabs.com/advisory.php?v=182

@muntopia provided an exploit for all of them here:
https://github.com/alienwithin/Scripts-Sploits/blob/master/zen_app_mobile_wp_rfu.py
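As an added defender-side example (not from the post, the plugin authors or invedion.com): a Python scan over web server access logs for requests that reached the server/images.php handler of the four plugins listed above, so a site owner can check whether the endpoint was hit before the plugins were removed. It assumes the Apache/nginx "combined" log format and takes the plugin slugs from the example URLs in the post; the sample log lines are constructed.

```python
import re

# Slugs taken from the example URLs in the advisory above (the second URL in
# the post spells the slug "mobile-app-builder-by-wappress").
AFFECTED_PLUGIN_SLUGS = ("mobile-friendly-app-builder-by-easytouch",
                         "mobile-app-builder-by-wappress", "webapp-builder",
                         "wp2android-turn-wp-site-into-android-app")

# Apache/nginx "combined" access log format is assumed.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# The upload handler named in the advisory: <plugin>/server/images.php
ENDPOINT_RE = re.compile(r'/wp-content/plugins/(?P<slug>[^/]+)/server/images\.php(?:\?|$)')


def affected_plugin(path):
    """Return the affected plugin slug if path hits its server/images.php, else None."""
    m = ENDPOINT_RE.search(path)
    if m and m.group("slug") in AFFECTED_PLUGIN_SLUGS:
        return m.group("slug")
    return None


def scan_log(lines):
    """Return one dict per request that reached an affected upload endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line: skip it rather than abort the scan
        slug = affected_plugin(m.group("path"))
        if slug is not None:
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                         "method": m.group("method"), "slug": slug,
                         "status": int(m.group("status"))})
    return hits


# Constructed sample log lines, not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Mar/2017:12:32:30 -0500] "POST /wordpress/wp-content/plugins/webapp-builder/server/images.php HTTP/1.1" 200 57 "-" "python-requests/2.13"',
    '198.51.100.4 - - [06/Mar/2017:12:33:01 -0500] "GET /wordpress/wp-content/plugins/webapp-builder/assets/app.css HTTP/1.1" 200 1820 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [06/Mar/2017:12:34:12 -0500] "POST /wp-content/plugins/mobile-friendly-app-builder-by-easytouch/server/images.php?x=1 HTTP/1.1" 200 61 "-" "curl/7.52"',
    '192.0.2.9 - - [06/Mar/2017:12:35:00 -0500] "GET /wp-content/plugins/some-other-plugin/server/images.php HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print("{ip} {ts} {method} {slug} -> HTTP {status}".format(**hit))
```

A POST to one of these handlers with a 200 response is the case worth investigating; the same scan can be pointed at a real log with `scan_log(open(path))`.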
