CVE-2014-5181

Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snode parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:last.fm_rotation_plugin_project:lastfm-rotation_plugin:1.0:*:*:*:*:wordpress:*:*

Information

Published : 2014-08-06 12:55

Updated : 2014-08-07 05:42


NVD link : CVE-2014-5181

Mitre link : CVE-2014-5181


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

last.fm_rotation_plugin_project

  • lastfm-rotation_plugin