3 matches found
WordPress Backdoor iz Parameter Passthru (CVE-2007-1277)
A command execution vulnerability has been reported in WordPress. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2007-1277
CVE-2007-1277 affects WordPress 2.1.1. It describes an externally introduced backdoor enabling remote command execution via two vectors: (1) eval injection in the ix parameter of wp-includes/feed.php, and (2) an untrusted passthru in the iz parameter of wp-includes/theme.php. Exploitation would g...
WordPress < 2.1.1 Multiple Script Backdoors
The version of WordPress installed on the remote host appears to include a backdoor that allows an unauthenticated, remote attacker to execute arbitrary code on the remote host, subject to the permissions of the web server user id. %NASLMINLEVEL 70300 Tenable Network Security, Inc...