header-logo
Suggest Exploit
vendor:
Daily Deal Theme
by:
SecurityFocus
8,8
CVSS
HIGH
Arbitrary File Upload
N/A
CWE
Product Name: Daily Deal Theme
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

The Daily Deal theme is prone to a vulnerability that lets attackers upload arbitrary files

The Daily Deal theme is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

Mitigation:

Sanitize user-supplied input.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/63257/info

The Daily Deal theme is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.

An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. 

http://www.example.com/wp-content/themes/DailyDeal/monetize/upload/

Navigation

Suggest Exploit

Services By CQR