The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/131957/ | Exploit Third Party Advisory VDB Entry |
https://packetstormsecurity.com/files/131957/ | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://packetstormsecurity.com/files/131957/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2019-10-11 19:15
Updated : 2024-11-21 02:40
NVD link : CVE-2015-9488
Mitre link : CVE-2015-9488
CVE.ORG link : CVE-2015-9488
JSON object : View
Products Affected
almera_responsive_portfolio_site_template_project
- almera_responsive_portfolio_site_template
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor