7 matches found
WordPress-MU < 2.8.4 'wp-login.php' Security Bypass Vulnerability
WordPres-MU is prone to a security bypass vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
FreeBSD Ports: wordpress
The remote host is missing an update to the system as announced in the referenced advisory. VID 2430e9c3-8741-11de-938e-003048590f9e OpenVAS Vulnerability Test $ Description: Auto generated from VID 2430e9c3-8741-11de-938e-003048590f9e Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD Ports: wordpress
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2009-2762
wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key array variable in a resetpass aka rp action, which bypasses a check that assumes that $key is not an array...
CVE-2009-2762
CVE-2009-2762 affects WordPress ≤ 2.8.3. The vulnerability allows remote attackers to trigger a password reset for the first user (potentially admin) by supplying a key[] array to the resetpass (rp) action, bypassing the check that key is not an array. This is a network‑level exploit with a CVSSv...
WordPress < 2.8.4 'wp-login.php' 'key' Parameter Remote Administrator Password Reset (uncredentialed check)
According to its version number, the version of WordPress running on the remote server has a flaw in the password reset mechanism. Validation of the secret user activation key can be bypassed by providing an array instead of a string. This allows anyone to reset the password of the first user in...
CVE-2009-2762
creationtimestamp| type| source ---|---|--- 2008-09-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6397 2008-09-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6421 2009-08-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9410...