Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.5
CVE Id: CVE-2014-2558
Last Modified: 07 May 2014 09:23:22
Published: 06 May 2014 10:55:05
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE_INSTANCE

CVE-2014-2558

Summary

The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the create_function function.

Vulnerable Systems

Application

  • Skyphe File-gallery 1.1

  • Skyphe File-gallery 1.2

  • Skyphe File-gallery 1.3

  • Skyphe File-gallery 1.4

  • Skyphe File-gallery 1.5

  • Skyphe File-gallery 1.5.1

  • Skyphe File-gallery 1.5.2

  • Skyphe File-gallery 1.5.3

  • Skyphe File-gallery 1.5.4

  • Skyphe File-gallery 1.5.5

  • Skyphe File-gallery 1.5.6

  • Skyphe File-gallery 1.5.7

  • Skyphe File-gallery 1.5.8

  • Skyphe File-gallery 1.5.9

  • Skyphe File-gallery 1.6

  • Skyphe File-gallery 1.6.0.1

  • Skyphe File-gallery 1.6.2

  • Skyphe File-gallery 1.6.3

  • Skyphe File-gallery 1.6.4

  • Skyphe File-gallery 1.6.4.1

  • Skyphe File-gallery 1.6.5

  • Skyphe File-gallery 1.6.5.1

  • Skyphe File-gallery 1.6.5.2

  • Skyphe File-gallery 1.6.5.3

  • Skyphe File-gallery 1.6.5.4

  • Skyphe File-gallery 1.6.5.5

  • Skyphe File-gallery 1.6.5.6

  • Skyphe File-gallery 1.6.6

  • Skyphe File-gallery 1.7

  • Skyphe File-gallery 1.7.1

  • Skyphe File-gallery 1.7.2

  • Skyphe File-gallery 1.7.3

  • Skyphe File-gallery 1.7.4

  • Skyphe File-gallery 1.7.4.1

  • Skyphe File-gallery 1.7.5

  • Skyphe File-gallery 1.7.5.1

  • Skyphe File-gallery 1.7.5.3

  • Skyphe File-gallery 1.7.6

  • Skyphe File-gallery 1.7.7

  • Skyphe File-gallery 1.7.8

  • Skyphe File-gallery 1.7.9


References

BID - 67183

BID - 67120

MISC - http://wordpress.org/plugins/file-gallery/changelog/

FULLDISC - 20140429 Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin)


Last Updated: 27 May 2016 11:05:12