oss-sec mailing list archives
CVE- Request for Wordpress Plugin Simple Ads Manager: DoS without authentication
From: Responsive Disclosure | HSASec <disclosure () hsasec de>
Date: Thu, 02 Jul 2015 17:16:38 +0200
Greetings, we discovered a vulnerability in the following component and want to request a CVE for it: Product-Type: Wordpress Plugin Product: Simple Ads Manager (https://wordpress.org/plugins/simple-ads-manager/) Version: up to 2.9.3.114 Vendor: minimus (minimus () simplelib com) Fixed: 2015-07-02 (reportet: 2015-06-29) Changelog: https://wordpress.org/plugins/simple-ads-manager/changelog/ PoC available: yes (internal) Description: An input validation flow allows an attacker to perform simple file system operations which can result in a denial of service of the current instance. No authentication is required. Researchers: * Michael Kapfer (Michael.Kapfer () hs-augsburg de) Best regards, the HSASec-Team (https://www.hsasec.de)
Current thread:
- CVE- Request for Wordpress Plugin Simple Ads Manager: DoS without authentication Responsive Disclosure | HSASec (Jul 02)