CVE-2013-5962
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/09/2013
Last modified:
11/04/2025
Description
Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin before 3.3.4 rev40279 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/[year]/[month]/.
Impact
Base Score 2.0
5.10
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:envato:complete_gallery_manager_plugin:*:rev39177:*:*:*:*:*:* | 3.3.3 (including) | |
| cpe:2.3:a:envato:complete_gallery_manager_plugin:1.0.0:rev25273:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:1.0.1:rev25421:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:1.0.2:rev25487:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.0:rev27524:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.1:rev27876:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.2:rev28693:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:2.0.3:rev28734:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.0.0:rev29469:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.0.1:rev29536:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.1.0:rev30003:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.1.1:rev30900:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.2.0:rev31030:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.2.1:rev33197:*:*:*:*:*:* | ||
| cpe:2.3:a:envato:complete_gallery_manager_plugin:3.2.2:rev33971:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2013-09/0090.html
- http://codecanyon.net/item/complete-gallery-manager-for-wordpress/2418606
- http://packetstormsecurity.com/files/123303
- http://secunia.com/advisories/54894
- http://www.exploit-db.com/exploits/28377
- http://www.vulnerability-lab.com/get_content.php?id=1080
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87172
- http://archives.neohapsis.com/archives/bugtraq/2013-09/0090.html
- http://codecanyon.net/item/complete-gallery-manager-for-wordpress/2418606
- http://packetstormsecurity.com/files/123303
- http://secunia.com/advisories/54894
- http://www.exploit-db.com/exploits/28377
- http://www.vulnerability-lab.com/get_content.php?id=1080
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87172