[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plu
From: "Larry W. Cashdollar" <larry0 () me ! com>
Date: 2015-04-02 20:23:38
Message-ID: 1DDFAA0C-B30B-4468-B520-C073890ED6A2 () me ! com
[Download RAW message or body]
Hello Folks,
You can get php execution by using the file extension .phtml for both of these advisories. I'm \
currently updating the advisories and the vendor.
Try using an uncommon extension not defined in /etc/mime.types.
$ grep "#app" /etc/mime.types
#application/vnd.ms-pki.stl stl
#application/x-httpd-eruby rhtml
#application/x-httpd-php phtml pht php
#application/x-httpd-php-source phps
#application/x-httpd-php3 php3
#application/x-httpd-php3-preprocessed php3p
#application/x-httpd-php4 php4
#application/x-httpd-php5 php5
> On Mar 31, 2015, at 9:54 PM, Larry W. Cashdollar <larry0@me.com> wrote:
>
> Title: Remote file upload vulnerability in videowhisper-video-conference-integration \
> wordpress plugin v4.91.8
> Author: Larry W. Cashdollar, @_larry0
> Date: 2015-03-29
> Download Site: https://wordpress.org/support/plugin/videowhisper-video-conference-integration
> Vendor: http://www.videowhisper.com/
> Vendor Notified: 2015-03-31, won't fix. \
> http://www.videowhisper.com/tickets_view.php?t=10019545-1427810822 Vendor Contact: \
> http://www.videowhisper.com/tickets_submit.php
> Advisory: http://www.vapid.dhs.org/advisory.php?v=116
> Description: From their site "VideoWhisper Video Conference is a modern web based multiple \
> way video chat and real time file sharing tool. Read more on WordPress Video Conference \
> plugin home page."
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic