WordPress Timthumb Plugin 'timthumb' Cache Directory Arbitrary File Upload Vulnerability

Bugtraq ID: 48963
Class: Design Error
CVE: CVE-2011-4106
Remote: Yes
Local: No
Published: Aug 02 2011 12:00AM
Updated: Jan 06 2012 10:00PM
Credit: Mark Maunder and the vendor
Vulnerable: WordPress WP Marketplace Plugin 0
WordPress Vk Gallery Plugin 0
WordPress Verve Meta Boxes Plugin 0
WordPress User Avatar Plugin 0
WordPress SmoothGallery 1.15.1
WordPress Simple Slide Show 1.0
WordPress Rent A Car Plugin 0
WordPress Rekt Slideshow Plugin 0
WordPress Really Easy Slider Plugin 0
WordPress Popular Posts 2.1.4
WordPress MediaRSS 0.1
WordPress LISL Last Image Slider Plugin 0
WordPress Kino Gallery Plugin 0
WordPress Islidex Plugin 0
WordPress IGIT Related Posts With Thumb Image After Posts 3.9.7
WordPress IGIT Posts Slider Widget 1.1
WordPress Extend Plugin 0
WordPress DukaPress Shopping Cart 2.3.2
WordPress DP Thumbnail Plugin 0
WordPress Cms Pack Plugin 0
WordPress Category List Portfolio Page Plugin 0
WordPress CAC Featured Content Plugin 0
WordPress Auto Attachments Plugin 0
WordPress A. Gallery 0.9 revision 378511
WordPress A Gallery Plugin 0
Timthumb Timthumb 1.33
Timthumb Timthumb 1.32
Timthumb Timthumb 1.1
Not Vulnerable: WordPress SmoothGallery 1.15.2
WordPress MediaRSS 0.2
WordPress IGIT Related Posts With Thumb Image After Posts 3.9.8
WordPress IGIT Posts Slider Widget 1.2
WordPress DukaPress Shopping Cart 2.3.3
WordPress A. Gallery 0.9 revision 438727
Timthumb Timthumb 1.34


 

Privacy Statement
Copyright 2010, SecurityFocus