Lucene search
WaraxePATCHSTACK:C1F5107D1D3EAACF17EFCBF3A92BD7BDHistoryMay 22, 2007 - 12:00 a.m.
WordPress <= 2.1 - SQL Injection
2007-05-2200:00:00
waraxe
patchstack.com
5
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Because of this vulnerability in wp-admin/admin-ajax.php,the attackers can execute arbitrary SQL commands via the “cookie” parameter.
Solution
Update WordPress.
Related
nessus
nessus
WordPress check_ajax_referer() Function SQL Injection
2007-05-23 00:00:00
Debian DSA-1502-1 : wordpress - several vulnerabilities
2008-02-25 00:00:00
cve
cve
CVE-2007-2821
2007-05-22 21:30:00
debiancve
debiancve
CVE-2007-2821
2007-05-22 21:30:00
prion
prion
Sql injection
2007-05-22 21:30:00
ubuntucve
ubuntucve
CVE-2007-2821
2007-05-22 00:00:00
cvelist
cvelist
CVE-2007-2821
2007-05-22 21:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities
2008-02-24 00:00:00
debian
debian
[SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities
2008-02-22 00:46:52
[SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities
2008-02-22 00:46:44
openvas
openvas
Debian: Security Advisory (DSA-1502-1)
2008-02-28 00:00:00
Debian Security Advisory DSA 1502-1 (wordpress)
2008-02-28 00:00:00
osv
osv
wordpress - multiple vulnerabilities
2008-02-22 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for PATCHSTACK:C1F5107D1D3EAACF17EFCBF3A92BD7BD