CVE-2016-20078
MEDIUM
6.2
CVSS 3.1
Description
WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like wp-config.php containing database credentials and configuration data.
Metadata
Severity & Metrics
6.2
MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Henrique Dias | IMDb Profile Widget | — | 1.0.8 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-98 | cna | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') |
CVSS scores (2)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 6.9 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
| 6.2 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
References (3)
- ExploitDB-39621 https://www.exploit-db.com/exploits/39621
- Official Product Homepage https://wordpress.org/plugins/imdb-widget/
- VulnCheck Advisory: WordPress IMDb Profile Widget 1.0.8 Local File Inclusion via pic.php https://www.vulncheck.com/advisories/wordpress-imdb-profile-widget-local-file-inclusion-via-pic-php