openkylin
/
openkylin-exploit-db
mirror of https://gitee.com/openkylin/openkylin-exploit-db.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

update cve/WordPress/2019/yaml/CVE-2019-8943.yaml. 

Signed-off-by: Admin <timfergus@buaa.edu.cn>
This commit is contained in:
Admin 2023-05-16 15:28:44 +00:00 committed by Gitee
parent 0292748f63
commit 1f131d4a48
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cve/WordPress/2019/yaml/CVE-2019-8943.yaml
View File

@ -1,7 +1,7 @@
id: CVE-2019-8943
source: https://github.com/v0lck3r/CVE-2019-8943
info:
name: WordPress
name: WordPress是一个以PHP和MySQL为平台的自由开源的博客软件和内容管理系统。
severity: MEDIUM
description: |
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.