PT-2012-3014 · Likno · Allwebmenus

Published

2012-02-07

Updated

2017-08-29

CVE-2012-1011

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AllWebMenus plugin version 1.1.8

Description The issue allows remote attackers to bypass access restrictions, upload, and execute arbitrary PHP code. This is achieved by setting the HTTP REFERER to a specific value, uploading a ZIP file that contains a PHP file, and then accessing the uploaded file directly.

Recommendations For AllWebMenus plugin version 1.1.8, consider disabling the actions.php file until a patch is available to prevent the upload and execution of arbitrary PHP code. Restrict access to the upload functionality to minimize the risk of exploitation. Avoid using the HTTP REFERER variable in security checks as it can be easily manipulated by attackers.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-1011

Affected Products

Allwebmenus

PT-2012-3014 · Likno · Allwebmenus

CVE-2012-1011

Weakness Enumeration

Related Identifiers

Affected Products

References · 9