Published: 10/01/2008 Updated: 15/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Multiple directory traversal vulnerabilities in WordPress 2.0.11 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as demonstrated by discovering the full path via a request for the \..\..\wp-config pathname; and allow remote malicious users to modify arbitrary files via a .. (dot dot) in the file parameter to wp-admin/templates.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress

Core Security Technologies Advisory - A vulnerability was found in the way that WordPress handles some URL requests This results in unprivileged users viewing the content of plugins configuration pages, and also in some plugins modifying plugin options and injecting JavaScript code Arbitrary native code may be run by a malicious attacker if the b ...

CWE-22 http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html http://securityvulns.ru/Sdocument762.html http://securityvulns.ru/Sdocument768.html http://securityvulns.ru/Sdocument772.html http://securityvulns.ru/Sdocument773.html http://websecurity.com.ua/1679/http://websecurity.com.ua/1683/http://websecurity.com.ua/1686/http://websecurity.com.ua/1687/http://securityreason.com/securityalert/3539 http://www.securityfocus.com/archive/1/485786/100/0/threaded https://nvd.nist.gov https://packetstormsecurity.com/files/79033/Core-Security-Technologies-Advisory-2009.0515.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0196

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect