Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2009/08/20 12:0 a.m.88 views

WordPress-MU < 2.8.4 'wp-login.php' Security Bypass Vulnerability

WordPres-MU is prone to a security bypass vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

7.5CVSS6.4AI score0.19636EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.27 views

FreeBSD Ports: wordpress

The remote host is missing an update to the system as announced in the referenced advisory. VID 2430e9c3-8741-11de-938e-003048590f9e OpenVAS Vulnerability Test $ Description: Auto generated from VID 2430e9c3-8741-11de-938e-003048590f9e Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

7.5CVSS0.1AI score0.19636EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.21 views

FreeBSD Ports: wordpress

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS6.4AI score0.19636EPSS
Exploits1References3
OSV
OSV
added 2009/08/13 4:30 p.m.6 views

CVE-2009-2762

wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key array variable in a resetpass aka rp action, which bypasses a check that assumes that $key is not an array...

7AI score
Exploits0References10
CVE
CVE
added 2009/08/13 4:0 p.m.85 views

CVE-2009-2762

CVE-2009-2762 affects WordPress ≤ 2.8.3. The vulnerability allows remote attackers to trigger a password reset for the first user (potentially admin) by supplying a key[] array to the resetpass (rp) action, bypassing the check that key is not an array. This is a network‑level exploit with a CVSSv...

7.5CVSS6.7AI score0.19636EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/08/12 12:0 a.m.234 views

WordPress < 2.8.4 'wp-login.php' 'key' Parameter Remote Administrator Password Reset (uncredentialed check)

According to its version number, the version of WordPress running on the remote server has a flaw in the password reset mechanism. Validation of the secret user activation key can be bypassed by providing an array instead of a string. This allows anyone to reset the password of the first user in...

7.5CVSS5.5AI score0.19636EPSS
Exploits1References4
Circl
Circl
added 2008/09/07 12:0 a.m.5 views

CVE-2009-2762

creationtimestamp| type| source ---|---|--- 2008-09-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6397 2008-09-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6421 2009-08-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9410...

7.5CVSS5.8AI score0.19636EPSS
Exploits1References3
Rows per page
Query Builder