Page 43 of 274 results (0.015 seconds)

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter (aka the selection variable). Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en wp-admin/press-this.php en WordPress anteriores a v2.8.6 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través del parámetro "s" (también conocido como variable selección). • http://core.trac.wordpress.org/attachment/ticket/11119/press-this-xss-bug-11-10-2009.patch http://core.trac.wordpress.org/attachment/ticket/11119/press-this.002.diff http://core.trac.wordpress.org/ticket/11119 http://secunia.com/advisories/37332 http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release http://www.openwall.com/lists/oss-security/2009/11/15/2 http://www.openwall.com/lists/oss-security/2009/11/15/3 http://www.openwall.com/lists/oss-secu • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 2

Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related to the mb_convert_encoding function in PHP. Vulnerabilidad de complejidad algorítmica en wp-trackback.php en WordPress anteriores a v2.8.5 permite a atacantes remotos provocar una denegación de servicio (Consumo de CPU y cuelgue del servidor) a través de un valor largo en el parámetro "title" en conjunción con un parámetro "charset" compuesto por muchas subcadenas "UTF-8" separadas por coma, está relacionado con la función mb_convert_encoding en PHP. • http://codes.zerial.org/php/wp-trackbacks_dos.phps http://marc.info/?l=oss-security&m=125612393329041&w=2 http://marc.info/?l=oss-security&m=125614592004825&w=2 http://rooibo.wordpress.com/2009/10/17/agujero-de-seguridad-en-wordpress http://seclists.org/fulldisclosure/2009/Oct/263 http://secunia.com/advisories/37088 http://security-sh3ll.blogspot.com/2009/10/wordpress-resource-exhaustion-denial-of.html http://securitytracker.com/id?1023072 http://wordpress.org/development/2009& • CWE-310: Cryptographic Issues CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 2

Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php. Múltiples vulnerabilidades de inyección SQL en el plugin WP-Forum para WordPress antes de v2.4 permiten a atacantes remotos ejecutar comandos SQL arbitrarios a través de (1) el parámetro 'search_max' en una acción de búsqueda a la URI por defecto, en relación con wpf.class.php; (2) el parámetro 'forum' a un componente no especificado, en relación con wpf.class.php; (3) el parámetro 'topic' en una acción de la vista del Foro de la URI por defecto, en relacion con la función remove_topic en wpf.class.php, o el parámetro 'id' en una acción (4) 'editpost' o (5) 'viewtopic' a la URI por defecto, en relación con wpf-post.php. WP-Forum versions 2.3 and below suffer from remote SQL and blind SQL injection vulnerabilities. • https://www.exploit-db.com/exploits/10488 http://www.securityfocus.com/archive/1/508504/100/0/threaded http://www.securityfocus.com/bid/37357 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 91%CPEs: 1EXPL: 4

wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array. wp-login.php en WordPress v2.8.3 y anteriores que permite a los atacantes remotos a forzar el restablecimiento de la contraseña para el primer usuario en la base de datos, posiblemente el administrador, a través de un key[] array variable en una acción resetpass (también conocido como rp), lo que evita un control que asume que $key no es un array. • https://www.exploit-db.com/exploits/6421 https://www.exploit-db.com/exploits/6397 https://www.exploit-db.com/exploits/9410 http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0114.html http://core.trac.wordpress.org/changeset/11798 http://secunia.com/advisories/36237 http://wordpress.org/development/2009/08/2-8-4-security-release http://www.exploit-db.com/exploits/9410 http://www.securityfocus.com/bid/36014 http://www.securitytracker.com/id?1022707 https:// • CWE-255: Credentials Management Errors CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 10.0EPSS: 1%CPEs: 57EXPL: 2

Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/. Wordpress anterior a v2.8.3 permite a atacantes remotos conseguir privilegios a traves de una peticion directa a (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, y (8) edit-tag-form.php en wp-admin/. • http://core.trac.wordpress.org/changeset/11768 http://core.trac.wordpress.org/changeset/11769 http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release http://www.debian.org/security/2009/dsa-1871 http://www.openwall.com/lists/oss-security/2009/08/04/5 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •