CyberSec.Space Logo
Back to CVE Browser

CVE-2017-1002000

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile3.73th
PublishedSep 14, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.

Affected Platforms (CPE)

πŸ“¦
Mobile Friendly App Builder By Easytouch Project

Mobile Friendly App Builder By Easytouch

= 3.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/96899
πŸ”— http://www.securityfocus.com/bid/96905
πŸ”— http://www.vapidlabs.com/advisory.php?v=179
πŸ”— https://wordpress.org/plugins-wp/mobile-friendly-app-builder-by-easytouch/
πŸ”— https://www.exploit-db.com/exploits/41540/
πŸ”— http://www.securityfocus.com/bid/96899
πŸ”— http://www.securityfocus.com/bid/96905
πŸ”— http://www.vapidlabs.com/advisory.php?v=179

Related Vulnerabilities

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2017-522610.0

When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioc...