Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2007-4894

🗓️ 14 Sep 2007 18:00:17Reported by Debian Security Bug TrackerType 
debiancve
 debiancve🔗 security-tracker.debian.org👁 12 Views

Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters related to "early database escaping" and missing validation of "query string like parameters.

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Packages
ReporterTitlePublishedViews
Family
OpenVAS		FreeBSD Ports: wordpress, de-wordpress, zh-wordpress
4 Sep 200800:00
openvas
OpenVAS		FreeBSD Ports: wordpress, de-wordpress, zh-wordpress
4 Sep 200800:00
openvas
OpenVAS		Fedora Update for wordpress FEDORA-2007-2143
27 Feb 200900:00
openvas
OpenVAS		Fedora Update for wordpress FEDORA-2007-2143
27 Feb 200900:00
openvas
Tenable Nessus		FreeBSD : wordpress -- remote sql injection vulnerability (63347ee7-6841-11dc-82b6-02e0185f8d72)
24 Sep 200700:00
nessus
Tenable Nessus		Fedora 7 : wordpress-2.2.3-0.fc7 (2007-2143)
6 Nov 200700:00
nessus
Patchstack		WordPress <= 2.2.3 - Multiple SQL Injection
14 Sep 200700:00
patchstack
CVE		CVE-2007-4894
14 Sep 200718:17
cve
UbuntuCve		CVE-2007-4894
14 Sep 200700:00
ubuntucve
NVD		CVE-2007-4894
14 Sep 200718:17
nvd
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Debian12allwordpress2.2.3-1wordpress_2.2.3-1_all.deb
Debian11allwordpress2.2.3-1wordpress_2.2.3-1_all.deb
Debian999allwordpress2.2.3-1wordpress_2.2.3-1_all.deb
Debian13allwordpress2.2.3-1wordpress_2.2.3-1_all.deb

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Sep 2007 18:17Current
7.2High risk
Vulners AI Score7.2
CVSS27.5
EPSS0.03643
wordpresssql injectionremote attackersarbitrary sql commandsxmlrpcinterfacequery string parametersvulnerabilities
12
.json
Report