CVE-2014-10397

The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php.
References
Link Resource
https://packetstormsecurity.com/files/128188/ Exploit Third Party Advisory VDB Entry
https://packetstormsecurity.com/files/128188/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:para:antioch:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 02:03

Type Values Removed Values Added
References () https://packetstormsecurity.com/files/128188/ - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/128188/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2019-09-20 20:15

Updated : 2024-11-21 02:03


NVD link : CVE-2014-10397

Mitre link : CVE-2014-10397

CVE.ORG link : CVE-2014-10397


JSON object : View

Products Affected

para

  • antioch
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')