Signature Detail
Short Name |
HTTP:PHP:WP-GIULIO-GANCI-DM-FU |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
WordPress Giulio Ganci Wp Downloads Manager Module Remote File Upload |
Release Date |
2012/11/05 |
Update Number |
2200 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: WordPress Giulio Ganci Wp Downloads Manager Module Remote File Upload
This signature detects attempts to exploit a known vulnerability against Giulio Ganci Wp Downloads Manager module. A successful attack can lead to arbitrary code execution.
Extended Description
The Wp Downloads Manager module for WordPress is prone to a vulnerability that lets attackers upload and execute arbitrary code. This issue occurs because the application fails to sufficiently sanitize user-supplied input. Successfully exploiting this issue will allow attackers to upload and execute arbitrary PHP code within the context of the webserver process. This may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Wp Downloads Manager 0.2 is vulnerable; other versions may also be affected.
Affected Products
- Giulio Ganci Wp Downloads Manager 0.2
References
- BugTraq: 30365
- CVE: CVE-2008-3362