Lucene search
PsychoGunEDB-ID:29598HistoryFeb 12, 2007 - 12:00 a.m.
WordPress Core 1.x/2.0.x - 'Templates.php' Cross-Site Scripting
2007-02-1200:00:00
PsychoGun
www.exploit-db.com
25
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/22534/info
WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
http://www.example.com/wordpress/wp-admin/templates.php?action=update&file=<script>alert("Faille Xss")</script>&submit=Update+File+%C2%BBRelated
debiancve
debiancve
CVE-2007-1049
2007-02-21 17:28:00
CVE-2007-1230
2007-03-02 22:19:00
cvelist
cvelist
CVE-2007-1049
2007-02-21 17:00:00
CVE-2007-1230
2007-03-02 22:00:00
ubuntucve
ubuntucve
CVE-2007-1049
2007-02-21 00:00:00
CVE-2007-1230
2007-03-02 00:00:00
prion
prion
Cross site scripting
2007-02-21 17:28:00
Cross site scripting
2007-03-02 22:19:00
patchstack
patchstack
WordPress <= 2.1.0 - XSS
2007-02-21 00:00:00
cve
cve
CVE-2007-1049
2007-02-21 17:28:00
CVE-2007-1230
2007-03-02 22:19:00
nvd
nvd
CVE-2007-1049
2007-02-21 17:28:00
CVE-2007-1230
2007-03-02 22:19:00
gentoo
gentoo
WordPress: Multiple vulnerabilities
2007-03-20 00:00:00
nessus
nessus
GLSA-200703-23 : WordPress: Multiple vulnerabilities
2007-03-26 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200703-23 (wordpress)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200703-23 (wordpress)
2008-09-24 00:00:00
securityvulns
securityvulns