RSS   Vulnerabilities for 'Wordthumb'   RSS

2014-07-15
 
CVE-2014-4663

CWE-94
 

 
TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter.

 

 >>> Vendor: Binarymoon 2 Products
Timthumb
Wordthumb


Copyright 2024, cxsecurity.com

 

Back to Top