Lucene search
K

3369 matches found

Vulnrichment
Vulnrichment
added 2006/11/21 11:0 p.m.8 views

CVE-2006-6017

WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service application crash via a string that represents a 1 malformed or 2 large serialized object, because the object...

6.4AI score0.0226EPSS
Exploits0References3
OSV
OSV
added 2006/11/04 1:7 a.m.8 views

CVE-2006-5705

Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the 1 backup and 2 fragment parameters in a GET request...

6.3AI score
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2006/06/12 12:0 a.m.14 views

WordPress < 2.0.3 Arbitrary Code Injection

Binary data 3647.prm...

7.5CVSS7.3AI score0.1453EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2006/02/15 12:0 a.m.11 views

WordPress < 2.0.1 Arbitrary Script Injection

Binary data 3435.prm...

2.6CVSS7.3AI score0.04719EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2005/07/01 12:0 a.m.29 views

wordpress1512.txt

GulfTech Security Research June 28th, 2005 Vendor : WordPress URL : http://wordpress.org/ Version : WordPress 1.5.1.2 && Earlier Risk : Multiple Vulnerabilities Description: WordPress is a very popular personal publishing platform aka blog software, and is used by everyone from celebrities, to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/01 12:0 a.m.40 views

wpcmdexec.pl.txt

!/usr/bin/perl -w Wordpress 1.5.1.2 Strayhorn // XMLRPC Interface SQL Injection By James Bercegay // http://www.gulftech.org/ // June 21 2005 Quick and dirty proof of concept that uses the XML RPC server vulnerabilities I discovered to extract a password hash & use that hash to execute shell...

Exploits0
exploitpack
exploitpack
added 2004/12/16 12:0 a.m.8 views

WordPress 1.2.11.2.2 - wp-admintemplates.php?file Cross-Site Scripting

WordPress 1.2.11.2.2 - wp-admintemplates.php?file Cross-Site Scripting source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization o...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/08 12:0 a.m.50 views

WordPress 'wp-login.php' HTTP Response Splitting

According to its banner, the remote version of WordPress is vulnerable to an HTTP-splitting attack wherein an attacker can insert CR LF characters and then entice an unsuspecting user into accessing the URL. The client will parse and possibly act on the secondary header which was supplied by the...

5CVSS5.6AI score0.11226EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2004/09/28 12:0 a.m.25 views

WordPress Core 1.2 - &#039;bookmarklet.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is reported vulnerable, however, other...

7.4AI score
Exploits0
Rows per page
Query Builder