CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 2CVE-2008-4671 – WordPress MU < 2.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-4671
Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) before 2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el archivo wp-admin/wp-blogs.php en Wordpress MU (WPMU), en versiones anteriores a 2.6, que permite a los atacantes remotos inyectar arbitrariamente una secuencia de comandos web o HTML a través de los parámetros (1) s y (2) ip_address • https://www.exploit-db.com/exploits/32444 http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html http://secunia.com/advisories/32060 http://www.securityfocus.com/bid/31482 https://exchange.xforce.ibmcloud.com/vulnerabilities/45512 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 3CVE-2008-5695 – WordPress Core < 2.3.3 & WordPress MU < 1.3.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2008-5695
wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins. wp-admin/options.php en versiones de WordPress MU anteriores a la 1.3.2, y WordPress 2.3.2 y anteriores, no valida las solicitudes de actualización de una opción, lo que permite a usuarios remotos que tengan las capacidades manage_options y upload_files y esten autenticados, ejecutar código arbitrario subiendo un Script PHP y añadiendo la ruta de este script a los plugins activos. • https://www.exploit-db.com/exploits/5066 http://mu.wordpress.org/forums/topic.php?id=7534&page&replies=1 http://secunia.com/advisories/28789 http://securityreason.com/securityalert/4798 http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html http://www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt http://www.securityfocus.com/bid/27633 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3544 – WordPress Core <= 2.2.1 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2007-3544
Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta table and the use of custom fields in normal (non-attachment) posts. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-3543. Vulnerabilidad e envío de archivo no restringido en (1) wp-app.php y (2) app.php de WordPresss 2.2.1 y WordPresss MU 1.2.3 permite a usuarios autenticados remotamente enviar y ejecutar código PHP de su elección a través de vectores no especificados, posiblemente relacionados con la tabla wp_postmeta y el uso de campos personalizados en anotaciones (posts) normales (sin adjuntos). • http://osvdb.org/37294 http://www.buayacorp.com/files/wordpress/wordpress-advisory.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3543 – WordPress Core <= 2.2 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2007-3543
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php. Vulnerabilidad de fichero de archivo no restringido en WordPress anterior a 2.2.1 y WordPress MU anterior a 1.2.3 permite a usuarios autenticados remotos subir y ejecutar código PHP de su elección mediante un post en el que se especifica un nombre de fichero .php en el campo de meta datos _wp_attached_file; entonces se envía el contenido del fichero, junto con su valor post_ID, a (1) wp-app.php o (2) app.php. • http://osvdb.org/37295 http://secunia.com/advisories/25794 http://trac.mu.wordpress.org/changeset/1005 http://www.buayacorp.com/files/wordpress/wordpress-advisory.html http://www.securityfocus.com/bid/24642 • CWE-434: Unrestricted Upload of File with Dangerous Type •