Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6512

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-6512
Last Modified 29 Jan 2013 12:00:00
Published 23 Jan 2013 08:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-6512

Summary

The Organizer plugin 1.2.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors to (1) plugin_hook.php, (2) page/index.php, (3) page/dir.php (4) page/options.php, (5) page/resize.php, (6) page/upload.php, (7) page/users.php, or (8) page/view.php.

Vulnerable Systems

Application

  • Jeff Sterup Plugin-organizer 1.2.1


References

XF - organizer-multiple-path-disclosure(75107)

MISC - http://websecurity.com.ua/5782

MISC - http://packetstormsecurity.org/files/112086/WordPress-Organizer-1.2.1-Cross-Site-Scripting-Path-Disclosure.html


Last Updated: 27 May 2016 10:47:23