CVE-2015-5065
CVE-2015-5065
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
cve_referencepacketstormsecurity.com/files/132278/WordPress-Paypal-Currency-Converter-Basic-For-Woocommerce-1.3-File-Read.htmlno verificadocve_referencewww.exploit-db.com/exploits/37253/no verificadoexploitdbwww.exploit-db.com/exploits/37253no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://packetstormsecurity.com/files/132278/WordPress-Paypal-Currency-Converter-Basic-For-Woocommerce-1.3-File-Read.htmlhttps://plugins.trac.wordpress.org/changeset/1179092/paypal-currency-converter-basic-for-woocommercehttps://wordpress.org/plugins/paypal-currency-converter-basic-for-woocommerce/changelog/https://www.exploit-db.com/exploits/37253/http://www.securityfocus.com/bid/75416