WordPress 1.2 wp-login.php响应拆分攻击漏洞

No description provided by source...

CVE-2004-1584

The CVE-2004-1584 entry maps to a CRLF/HTTP Response Splitting vulnerability in WordPress 1.2, exploitable via wp-login.php using the text parameter to modify server HTML output. Affected software is WordPress 1.2 (WordPress

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

DEBIAN-CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

HTTP Response Splitting Vulnerability in Wordpress 1.2

SECURITY ADVISORY: HTTP Response Splitting in WordPress 1.2 AUTHOR: Chaotic Evil chaoticevil $$$at$$$ spyring $$$dot$$$ com DATE: October 6th, 2004 PRODUCT: WordPress 1.2 wordpress.org FROM THE VENDOR WEBSITE: WordPress is a state-of-the-art semantic personal publishing platform with a focus on...