{"id":7899,"date":"2015-02-14T22:12:02","date_gmt":"2015-02-15T05:12:02","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&#038;p=7899"},"modified":"2023-02-06T13:55:04","modified_gmt":"2023-02-06T20:55:04","slug":"cve-2015-9538-nextgen","status":"publish","type":"zerodays","link":"https:\/\/10.42.32.162\/zerodays\/cve-2015-9538-nextgen\/","title":{"rendered":"CVE-2015-9538 &#8211; Directory Traversal in NextGen Gallery"},"content":{"rendered":"<p style=\"text-align: justify;\">A path traversal vulnerability was identified on WordPress plugins NextGen gallery before 2.1.15. An attacker could take advantage of this flaw by crafting a filter name with Local File Inclusion (LFI) payload and traverse the file system to access files or directories that are outside of the restricted directory on the remote server.<\/p>\n<p dir=\"ltr\"><b id=\"docs-internal-guid-7de036c1-7fff-34ef-bdf3-ac1235a8f02c\">\u00a0<\/b><\/p>\n","protected":false},"featured_media":7897,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7899"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":2,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7899\/revisions"}],"predecessor-version":[{"id":13708,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7899\/revisions\/13708"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/7897"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=7899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}