TimThumb Detection

info Nessus Plugin ID 76872

Synopsis

The remote web server hosts an image resizing PHP script.

Description

The remote host contains an install of TimThumb, an image resizing PHP script designed for use with WordPress web sites.

See Also

https://code.google.com/archive/p/timthumb

Plugin Details

Severity: Info

ID: 76872

File Name: wordpress_timthumb_detect.nbin

Version: 1.126

Type: remote

Family: CGI abuses

Published: 7/28/2014

Updated: 11/22/2024

Asset Inventory: true

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress, cpe:/a:timthumb:timthumb, cpe:/a:binarymoon:timthumb

Required KB Items: installed_sw/WordPress, www/PHP

Excluded KB Items: Settings/disable_cgi_scanning