CVE-2024-3022
Published: 2024-04-04

Priority: P347 · Severity: high · CVSS 3.1 base score: 7.2
CVSS vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS: 1.56% (72.2th percentile)
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site's server, enabling remote code execution.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| reputeinfosystems | appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress | <= 1.0.87 | — |
| reputeinfosystems | bookingpress | <= 1.0.87 | — |
Indexed Suricata rules

Note: the three Emerging Threats rules indexed below reference CVE-2008-3022 (a remote file inclusion in phPortal's gunaysoft.php), not CVE-2024-3022; they match on the `/gunaysoft.php?` URI and will not detect the BookingPress file-upload issue described above.

Suricata · ET WEB_SPECIFIC_APPS phPortal gunaysoft.php uzanti Parameter Remote File Inclusion
suricata · 2010-07-30 · CVSS 7.5 · CVE-2008-3022 [HIGH]

```
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS phPortal gunaysoft.php uzanti Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/gunaysoft.php?"; nocase; content:"uzanti="; nocase; pcre:"/uzanti=\s*(https?|ftps?|php)\:\//i"; reference:bugtraq,30064; reference:cve,CVE-2008-3022; reference:url,xforce.iss.net/xforce/xfdb/43569; classtype:web-application-attack; sid:2009327; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
```

Suricata · ET WEB_SPECIFIC_APPS phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion
suricata · 2010-07-30 · CVSS 7.5 · CVE-2008-3022 [HIGH]

```
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/gunaysoft.php?"; nocase; content:"icerikyolu="; nocase; pcre:"/icerikyolu=\s*(https?|ftps?|php)\:\//i"; reference:bugtraq,30064; reference:cve,CVE-2008-3022; reference:url,xforce.iss.net/xforce/xfdb/43569; classtype:web-application-attack; sid:2009325; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
```

Suricata · ET WEB_SPECIFIC_APPS phPortal gunaysoft.php sayfaid Parameter Remote File Inclusion
suricata · 2010-07-30 · CVSS 7.5 · CVE-2008-3022 [HIGH]

```
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS phPortal gunaysoft.php sayfaid Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/gunaysoft.php?"; nocase; content:"sayfaid="; nocase; pcre:"/sayfaid=\s*(https?|ftps?|php)\:\//i"; reference:bugtraq,30064; reference:cve,CVE-2008-3022; reference:url,xforce.iss.net/xforce/xfdb/43569; classtype:web-application-attack; sid:2009326; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
```
No public exploits indexed.
No writeups or analysis indexed.
References:
- https://plugins.trac.wordpress.org/changeset/3061435/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php
- https://r0ot.notion.site/BookingPress-1-0-84-Authenticated-Administrator-Arbitrary-File-Upload-lead-to-RCE-e2603371c0c14d828144e26f2fdc1d01?pvs=4
- https://www.wordfence.com/threat-intel/vulnerabilities/id/049ec264-3ed1-4741-937d-8a633ef0a627?source=cve