Categories: US-Cert-Repository

WordPress Themes Vulnerability

TimThumb, a PHP script that is reused in many popular themes for the WordPress blog software, contains a vulnerability that allows a remote attacker to upload arbitrary PHP code to an affected site.

US-CERT encourages users and administrators to:

determine if any hosted blogs use TimThumb by searching for timthumb.php or thumb.php
review the blog entry on the issue and apply any necessary updates or workarounds to help mitigate the risks

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Next Apple Releases QuickTime 7.7 »

Previous « Cisco Releases Security Advisory and Applied Mitigation Bulletin

MyDoom.B Virus

Systems Affected Any system running Microsoft Windows (Windows 95 and newer) that are used…

1 month ago

Multiple Vulnerabilities in Microsoft Internet Explorer

Systems Affected Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…

1 month ago

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Systems Affected Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…

1 month ago

Multiple Vulnerabilities in Microsoft Windows

Systems Affected Systems running Microsoft Windows Overview Microsoft Windows contains multiple vulnerabilities,…

1 month ago

Vulnerability in Microsoft Outlook 2002

Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…

1 month ago

Multiple Vulnerabilities in OpenSSL

Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …

1 month ago

This website uses cookies.

WordPress Themes Vulnerability

Recent Posts

MyDoom.B Virus

Multiple Vulnerabilities in Microsoft Internet Explorer

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Multiple Vulnerabilities in Microsoft Windows

Vulnerability in Microsoft Outlook 2002

Multiple Vulnerabilities in OpenSSL