Published: 05/07/2005 Updated: 18/10/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress 1.0
wordpress wordpress 1.0.1
wordpress wordpress 1.5
wordpress wordpress 1.5.1
wordpress wordpress 1.5.1.2
wordpress wordpress 1.0.2
wordpress wordpress 1.2

#!/usr/bin/perl -w # sorry for the late posting, had to test it /str0ke ################################################################# # Wordpress 1512 Strayhorn // XMLRPC Interface SQL Injection # ################################################################# # By James Bercegay // wwwgulftechorg/ // June 21 2005 # ########### ...

NVD-CWE-Other http://www.gulftech.org/?node=research&article_id=00085-06282005 http://secunia.com/advisories/15831 http://marc.info/?l=bugtraq&m=112006967221438&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/1077/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2108

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect