5
CVSSv2

CVE-2004-1584

Published: 31/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote malicious users to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.

Affected Products

Vendor Product Versions
WordpressWordpress1.2

Exploits

# # This script is (C) Tenable Network Security # # if(description) { script_id(15443); script_bugtraq_id(11348); script_version ("$Revision: 11 $"); name["english"] = "WordPress HTTP Splitting Vulnerability"; script_name(english:name["english"]); desc["english"] = " The remote host is running WordPress BLOG, a web blog manager written in P ...