{"id":7899,"date":"2015-02-14T22:12:02","date_gmt":"2015-02-15T05:12:02","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&p=7899"},"modified":"2023-02-06T13:55:04","modified_gmt":"2023-02-06T20:55:04","slug":"cve-2015-9538-nextgen","status":"publish","type":"zerodays","link":"https:\/\/webdev.securin.xyz\/zerodays\/cve-2015-9538-nextgen\/","title":{"rendered":"CVE-2015-9538 – Directory Traversal in NextGen Gallery"},"content":{"rendered":"

A path traversal vulnerability was identified on WordPress plugins NextGen gallery before 2.1.15. An attacker could take advantage of this flaw by crafting a filter name with Local File Inclusion (LFI) payload and traverse the file system to access files or directories that are outside of the restricted directory on the remote server.<\/p>\n

\u00a0<\/b><\/p>\n","protected":false},"featured_media":7897,"parent":0,"menu_order":0,"template":"","vulnerability_categories":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7899"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":2,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7899\/revisions"}],"predecessor-version":[{"id":13708,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7899\/revisions\/13708"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/7897"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=7899"}],"wp:term":[{"taxonomy":"vulnerability_categories","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/vulnerability_categories?post=7899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}