Published: 11/07/2014 Updated: 14/07/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote malicious users to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tera charts plugin project tera-charts 0.1

source: wwwsecurityfocuscom/bid/68662/info Tera Charts plugin for WordPress is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input An attacker can exploit these issues to obtain potentially sensitive information; other attacks are also possible Tera Charts 01 is vulnerable; o ...

source: wwwsecurityfocuscom/bid/68662/info Tera Charts plugin for WordPress is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input An attacker can exploit these issues to obtain potentially sensitive information; other attacks are also possible Tera Charts 01 is vulnerable ...

CWE-22 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail=http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/https://nvd.nist.gov https://www.exploit-db.com/exploits/39256/

CVE-2014-4940

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect