PT-2017-6759 · Gravity Forms · Aviary Image Editor Add-On For Gravity Forms

Larry W. Cashdollar

Published

2017-05-23

Updated

2017-06-08

CVE-2015-4455

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Aviary Image Editor Add-on For Gravity Forms plugin version 3.0 beta

Description The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the includes/upload.php file, and then accessing it via a direct request to the file in wp-content/uploads/gform aviary.

Recommendations For Aviary Image Editor Add-on For Gravity Forms plugin version 3.0 beta, consider restricting or disabling the file upload functionality in includes/upload.php until a patch is available to prevent remote attackers from executing arbitrary code.

Exploit

Fix

RCE

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2015-4455

Affected Products

Aviary Image Editor Add-On For Gravity Forms

PT-2017-6759 · Gravity Forms · Aviary Image Editor Add-On For Gravity Forms

CVE-2015-4455

Weakness Enumeration

Related Identifiers

Affected Products

References · 5