Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-0539 |
The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint. Published: January 29, 2007; 12:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-0540 |
WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data. Published: January 29, 2007; 12:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2007-0541 |
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain configurations causes a brief file excerpt to be published as a blog comment. Published: January 29, 2007; 12:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2007-0233 |
wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress. Published: January 12, 2007; 9:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-0107 |
WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7. Published: January 08, 2007; 7:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2006-6808 |
Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php. Published: December 28, 2006; 4:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2006-6016 |
wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter. Published: November 21, 2006; 6:07:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-6017 |
WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application crash) via a string that represents a (1) malformed or (2) large serialized object, because the object triggers automatic unserialization for display. Published: November 21, 2006; 6:07:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-5705 |
Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request. Published: November 03, 2006; 8:07:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.0 MEDIUM |
CVE-2006-2667 |
Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2) wp-content/cache/users/ which are later included by cache.php, as demonstrated using the displayname argument. Published: May 30, 2006; 5:02:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-1796 |
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']). Published: April 17, 2006; 4:06:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2006-1263 |
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Published: March 18, 2006; 9:02:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2006-0985 |
Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters. Published: March 03, 2006; 6:02:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2006-0986 |
WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) default-filters.php, (2) template-loader.php, (3) rss-functions.php, (4) locale.php, (5) wp-db.php, and (6) kses.php in the wp-includes/ directory; and (7) edit-form-advanced.php, (8) admin-functions.php, (9) edit-link-form.php, (10) edit-page-form.php, (11) admin-footer.php, and (12) menu.php in the wp-admin directory; and possibly (13) list directory contents of the wp-includes directory. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors are already covered by CVE-2005-4463. The menu-header.php vector is already covered by CVE-2005-2110. Other vectors might be covered by CVE-2005-1688. NOTE: if the typical installation of WordPress does not list any site-specific files to wp-includes, then vector [13] is not an exposure. Published: March 03, 2006; 6:02:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-4463 |
WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1. Published: December 21, 2005; 5:03:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-2612 |
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. Published: August 17, 2005; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-2107 |
Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter. Published: July 05, 2005; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2005-2108 |
SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file. Published: July 05, 2005; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-2109 |
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use. Published: July 05, 2005; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-2110 |
WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1. Published: July 05, 2005; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |