Lucene search
K

5 matches found

Debian
Debian
added 2008/02/22 12:46 a.m.33 views

[SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1502-1 [email protected] http://www.debian.org/security/ Noah Meyerhans February 22, 2008 http://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.052EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2007/05/23 12:0 a.m.42 views

WordPress check_ajax_referer() Function SQL Injection

The version of WordPress on the remote host fails to properly sanitize input to the 'cookie' parameter of the 'wp-admin/admin-ajax.php' script before using it in the 'checkajaxreferer' function in database queries. Regardless of PHP's 'magicquotesgpc' setting, an unauthenticated, remote attacker...

7.5CVSS5.5AI score0.052EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2007/05/22 9:30 p.m.28 views

CVE-2007-2821

SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter...

7.5CVSS6.2AI score0.052EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2007/05/22 9:0 p.m.26 views

CVE-2007-2821

SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter...

7.5CVSS7.6AI score0.052EPSS
Exploits1
CVE
CVE
added 2007/05/22 9:0 p.m.84 views

CVE-2007-2821

CVE-2007-2821 affects WordPress core; vulnerable component is wp-admin/admin-ajax.php in WordPress before 2.2. The root cause is improper handling of the cookie parameter in SQL queries, enabling remote attackers to execute arbitrary SQL commands. Impact is remote data access/modification via SQL...

7.5CVSS8.1AI score0.052EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder