CVE-2015-9488

The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
References
Link Resource
https://packetstormsecurity.com/files/131957/ Exploit Third Party Advisory VDB Entry
https://packetstormsecurity.com/files/131957/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:almera_responsive_portfolio_site_template_project:almera_responsive_portfolio_site_template:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 02:40

Type Values Removed Values Added
References () https://packetstormsecurity.com/files/131957/ - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/131957/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2019-10-11 19:15

Updated : 2024-11-21 02:40


NVD link : CVE-2015-9488

Mitre link : CVE-2015-9488

CVE.ORG link : CVE-2015-9488


JSON object : View

Products Affected

almera_responsive_portfolio_site_template_project

  • almera_responsive_portfolio_site_template
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor