CVE-2013-5962

Severity

51%

Complexity

49%

Confidentiality

106%

Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type'

Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin before 3.3.4 rev40279 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/[year]/[month]/.

Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type'

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

Type

Envato Complete Gallery Manager plugin

First reported 11 years ago

2013-09-30 22:55:00

Last updated 7 years ago

2017-08-29 01:33:00

Affected Software

Envato Complete Gallery Manager plugin 1.0.0 revision 25273

1.0.0

Envato Complete Gallery Manager plugin 1.0.1 revision 25421

1.0.1

Envato Complete Gallery Manager plugin 1.0.2 revision 25487

1.0.2

Envato Complete Gallery Manager plugin 2.0.0 revision 27524

2.0.0

Envato Complete Gallery Manager plugin 2.0.1 revision 27876

2.0.1

Envato Complete Gallery Manager plugin 2.0.2 revision 28693

2.0.2

Envato Complete Gallery Manager plugin 2.0.3 revision 28734

2.0.3

Envato Complete Gallery Manager plugin 3.0.0 revision 29469

3.0.0

Envato Complete Gallery Manager plugin 3.0.1 revision 29536

3.0.1

Envato Complete Gallery Manager plugin 3.1.0 revision 30003

3.1.0

Envato Complete Gallery Manager plugin 3.1.1 revision 30900

3.1.1

Envato Complete Gallery Manager plugin 3.2.0 revision 31030

3.2.0

Envato Complete Gallery Manager plugin 3.2.1 revision 33197

3.2.1

Envato Complete Gallery Manager plugin 3.2.2 revision 33971

3.2.2

Envato Complete Gallery Manager plugin 3.2.3 revision 34390

3.2.3

Envato Complete Gallery Manager plugin 3.2.4 revision 34757

3.2.4

Envato Complete Gallery Manager plugin 3.2.5 revision 34942

3.2.5

Envato Complete Gallery Manager plugin 3.2.6 revision 36235

3.2.6

Envato Complete Gallery Manager plugin 3.2.7 revision 36257

3.2.7

Envato Complete Gallery Manager plugin 3.2.8 revision 36369

3.2.8

Envato Complete Gallery Manager plugin 3.3.0 revision 36620

3.3.0

Envato Complete Gallery Manager plugin 3.3.1 revision 38906

3.3.1

Envato Complete Gallery Manager plugin 3.3.2 revision 39009

3.3.2

References

20130918 Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

Exploit

http://codecanyon.net/item/complete-gallery-manager-for-wordpress/2418606

http://packetstormsecurity.com/files/123303

Exploit

54894

Vendor Advisory

28377

http://www.vulnerability-lab.com/get_content.php?id=1080

Exploit

completegallery-uploadimages-file-upload(87172)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.