Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1 matches found

seebug.org
seebug.orgadded 2007/01/28 12:0 a.m.31 views

Wordpress Pingback SourceURI拒绝服务和信息泄露漏洞

Wordpress是一款基于WEB的网络日记应用程序。 Wordpress包含的XMLRPC和Pingback存在多个问题,远程攻击者可以利用漏洞进行拒绝服务攻击或者获得敏感信息。 Wordpress处理Pingback机制存在问题,发送恶意请求可导致拒绝服务攻击。 另外由于在传递给wpremotefopen函数时对sourceURI参数缺少过滤,可导致指定非HTTP资源来读取类似本地文件或者FTP源的信息。特定情况下,恶意用户可判断部分文件是否存在在系统中。 WordPress Wordpress B2 0.6.2 .1 WordPress Wordpress B2 0.6.2...

7AI score
Exploits0
Rows per page
Query Builder