cbcvebase.
CVE-2014-1905
published 2014-12-29

CVE-2014-1905: Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote…

PriorityP265critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
10.36%
95.1th percentile
Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then accessing the file via a direct request to a wp-content/plugins/videowhisper-live-streaming-integration/ls/snapshots/ pathname, as demonstrated by a .php.jpg filename.

Affected

2 ranges
VendorProductVersion rangeFixed in
videowhispervideo_conference
videowhispervideowhisper_live_streaming_integration<= 4.27.4

Detection & IOCsextracted from sources · hover to see the quote

  • Exploitation requires the webserver to execute files with .jpg extension as PHP (misconfigured MIME handling); detect by monitoring for PHP execution originating from the snapshots upload directory.
  • ·Exploitation of CVE-2014-1905 is only possible when the web server is misconfigured to execute .jpg files as PHP (i.e., lacks proper MIME-type enforcement for media file extensions).
  • ·A related but distinct vulnerability (CVE-2015-9271) in the videowhisper-video-conference-integration plugin uses a different bypass: files are considered safe when 'html' are the last four characters, enabling upload of .phtml files with PHP code.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.