Lucene search
K

11 matches found

Check Point Advisories
Check Point Advisories
added 2009/09/30 12:0 a.m.18 views

WordPress RSS feed Generator self_link HTTP_HOST Cross-Site Scripting (CVE-2008-5278)

WordPress is an opensource php-based blog publishing platform. It offers several features such as multi-author editing capability, automatic formatting of text and an architecture which supports plugins to further extend its functionality. There exists a cross-site script insertion vulnerability ...

4.3CVSS6.7AI score0.03233EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.28 views

Fedora Update for wordpress FEDORA-2008-10482

Check for the Version of wordpress OpenVAS Vulnerability Test Fedora Update for wordpress FEDORA-2008-10482 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

4.3CVSS0.2AI score0.03233EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.20 views

Fedora Update for wordpress FEDORA-2008-10482

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.7AI score0.03233EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.14 views

Fedora Update for wordpress FEDORA-2008-10483

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.7AI score0.03233EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.13 views

Fedora Update for wordpress FEDORA-2008-10468

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.7AI score0.03233EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/13 12:0 a.m.12 views

Fedora Update for wordpress-mu FEDORA-2008-11104

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.7AI score0.03233EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/12/03 12:0 a.m.25 views

Fedora 8 : wordpress-2.6.5-2.fc8 (2008-10468)

http://wordpress.org/development/2008/11/wordpress-265/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

4.3CVSS5.3AI score0.03233EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2008/12/03 12:0 a.m.26 views

Fedora 9 : wordpress-2.6.5-2.fc9 (2008-10483)

http://wordpress.org/development/2008/11/wordpress-265/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

4.3CVSS5.3AI score0.03233EPSS
Exploits1References4
OSV
OSV
added 2008/11/28 7:30 p.m.3 views

CVE-2008-5278

Cross-site scripting XSS vulnerability in the selflink function in in the RSS Feed Generator wp-includes/feed.php for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header HTTPHOST variable...

5.6AI score
Exploits0References11
CVE
CVE
added 2008/11/28 7:0 p.m.74 views

CVE-2008-5278

WordPress CVE-2008-5278 affects the RSS Feed Generator (wp-includes/feed.php) prior to 2.6.5, enabling remote injection of HTML/script via HTTP_HOST. The issue is caused by unsanitized Host header, resulting in XSS in the RSS feed. Remediation: upgrade WordPress to 2.6.5 or later (per the descrip...

4.3CVSS5.5AI score0.03233EPSS
Exploits1References10Affected Software1
Debian CVE
Debian CVE
added 2008/11/28 7:0 p.m.14 views

CVE-2008-5278

Cross-site scripting XSS vulnerability in the selflink function in in the RSS Feed Generator wp-includes/feed.php for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header HTTPHOST variable...

4.3CVSS4.2AI score0.03233EPSS
Exploits1
Rows per page
Query Builder