Lucene search
HistoryJul 05, 2005 - 4:00 a.m.
CVE-2005-2109
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.006
Percentile
78.8%
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
Affected configurations
Node
wordpresswordpressMatch1.0
ORwordpresswordpressMatch1.0.1
ORwordpresswordpressMatch1.0.2
ORwordpresswordpressMatch1.2
ORwordpresswordpressMatch1.5
ORwordpresswordpressMatch1.5.1
ORwordpresswordpressMatch1.5.1.2
Related
patchstack
patchstack
WordPress <= 1.5.1.2 - Multiple Vulnerabilities #1
2005-07-01 00:00:00
cve
cve
CVE-2005-2109
2005-07-05 04:00:00
debiancve
debiancve
CVE-2005-2109
2005-07-05 04:00:00
cvelist
cvelist
CVE-2005-2109
2005-07-01 04:00:00
wpvulndb
wpvulndb
WordPress <= 1.5.1.2 - Email Spoofing
2005-05-07 00:00:00
ubuntucve
ubuntucve
CVE-2005-2109
2005-07-05 00:00:00
openvas
openvas
FreeBSD Ports: wordpress
2008-09-04 00:00:00
FreeBSD Ports: wordpress
2008-09-04 00:00:00
nessus
nessus
freebsd
freebsd
wordpress -- multiple vulnerabilities
2005-06-28 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.006
Percentile
78.8%
Related for NVD:CVE-2005-2109