admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-12-25 00:03:32 -05:00
parent aeb9b26cea
commit 785ca5999e
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/17xxx/CVE-2017-17058.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory."
"value" : "** DISPUTED ** The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have \"if (!defined('ABSPATH')) {exit;}\" code."
}
]
},
@ -55,6 +55,9 @@
{
"url" : "https://www.exploit-db.com/exploits/43196/"
},
{
"url" : "https://github.com/woocommerce/woocommerce/issues/17964"
},
{
"url" : "https://www.exploit-db.com/ghdb/4613/"
}