Lucene search
Ubuntu.comUB:CVE-2008-0191HistoryJan 10, 2008 - 12:00 a.m.
CVE-2008-0191
2008-01-1000:00:00
ubuntu.com
ubuntu.com
11
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.2%
WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive
information via an invalid p parameter in an rss2 action to the default
URI, which reveals the full path and the SQL database structure.
Notes
| Author | Note |
|---|---|
| jdstrand | full path already known on Ubuntu/Debian |
| mdeslaur | not a security issue, ignored |
Related
cve
cve
CVE-2008-0191
2008-01-10 00:46:00
nvd
nvd
CVE-2008-0191
2008-01-10 00:46:00
debiancve
debiancve
CVE-2008-0191
2008-01-10 00:46:00
prion
prion
Design/Logic Flaw
2008-01-10 00:46:00
cvelist
cvelist
CVE-2008-0191
2008-01-10 00:00:00
patchstack
patchstack
WordPress <= 2.3.9 - SQL Injection
2008-01-09 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.2%
Related for UB:CVE-2008-0191