Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2146HistoryMay 12, 2008 - 8:20 p.m.
CVE-2008-2146
2008-05-1220:20:00
Debian Security Bug Tracker
security-tracker.debian.org
7
0.009 Low
EPSS
Percentile
82.7%
wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the PATH_INFO ($PHP_SELF), which allows remote attackers to bypass intended access restrictions for certain pages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 2.2.3-1 | wordpress_2.2.3-1_all.deb |
| Debian | 11 | all | wordpress | < 2.2.3-1 | wordpress_2.2.3-1_all.deb |
| Debian | 10 | all | wordpress | < 2.2.3-1 | wordpress_2.2.3-1_all.deb |
| Debian | 999 | all | wordpress | < 2.2.3-1 | wordpress_2.2.3-1_all.deb |
| Debian | 13 | all | wordpress | < 2.2.3-1 | wordpress_2.2.3-1_all.deb |
Related
cve
cve
CVE-2008-2146
2008-05-12 20:20:00
prion
prion
Design/Logic Flaw
2008-05-12 20:20:00
patchstack
patchstack
WordPress <= 2.2.2 - BYPASS
2008-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2008-2146
2008-05-12 00:00:00
cvelist
cvelist
CVE-2008-2146
2008-05-12 20:00:00
osv
osv
wordpress - several vulnerabilities
2008-05-01 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1564-1)
2008-05-12 00:00:00