Arbitrary file upload in Omnilogic Omni Secure Files
CVE-2012-10064
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticate…
Vulnerability class: Unrestricted File Upload
EPSS: 0.007 (47.6th percentile) — read the EPSS interpretation.
Affected products
- Omnilogic Omni Secure Files — versions 0
Weakness classification (CWE)
References
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (patch, third-party-advisory)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (third-party-advisory)