Page 46 of 309 results (0.013 seconds)

CVSS: 7.2EPSS: 0%CPEs: 54EXPL: 3

Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en versiones de WordPress anteriores a la 2.6, sólo en versiones de desarrollo SVN, permite a atacantes remotos inyectar scripts web o HTML arbitrario a través de vectores sin especificar. • https://www.exploit-db.com/exploits/32053 http://trac.wordpress.org/ticket/7220 http://www.openwall.com/lists/oss-security/2008/07/15/5 http://www.openwall.com/lists/oss-security/2008/07/16/5 http://www.openwall.com/lists/oss-security/2008/07/16/6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0

The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string containing USERNAME and EXPIRY_TIME, which allows remote attackers to forge cookies by registering a username that results in the same concatenated string, as demonstrated by registering usernames beginning with "admin" to obtain administrator privileges, aka a "cryptographic splicing" issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-6013. El método de autenticación por Cookie en WordPress 2.5 confía en un hash de la cadena que resulta de concatenar USERNAME y EXPIRY_TIME, lo que permite a atacantes remotos falsificar cookies registrando nombres de usuario que resulten en la misma cadena concatenada, como se demostró registrando nombres de usuario que comenzaban con "admin" para conseguir privilegios de administrador, también conocido como asunto "empalme criptográfico". NOTA: Esta vulnerabilidad existe debido a un parche incompleto para la vulnerabilidad CVE-2007-6013 • http://secunia.com/advisories/29965 http://wordpress.org/development/2008/04/wordpress-251 http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-integrity.txt http://www.securityfocus.com/archive/1/491356/100/0/threaded http://www.securityfocus.com/bid/28935 http://www.securitytracker.com/id?1019923 http://www.vupen.com/english/advisories/2008/1372/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42027 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en WordPress 2.5, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://secunia.com/advisories/29965 http://wordpress.org/development/2008/04/wordpress-251 https://exchange.xforce.ibmcloud.com/vulnerabilities/42029 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard. Vulnerabilidad de subida de ficheros sin restricciones en WordPress 2.5.1 y versiones anteriores podría permitir a administradores remotos autenticados subir y ejecutar archivos PHP arbitrariamente mediante la sección de Subidas en el área de Escribir Pestañas del panel de Gestión. • http://securityreason.com/securityalert/3897 http://www.securityfocus.com/archive/1/492230/100/0/threaded http://www.securityfocus.com/bid/29276 https://exchange.xforce.ibmcloud.com/vulnerabilities/42561 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.3EPSS: 1%CPEs: 68EXPL: 2

Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en la función get_category_template en wp-includes/theme.php en WordPress v2.3.3 y anteriores y v2.5, permite a atacantes remotos incluir y posiblemente ejecutar archivos PHP de su elección a través del parámetro "cat" en index.php. NOTA: parte de estos detalles han sido obtenidos de terceros. • https://www.exploit-db.com/exploits/31670 http://secunia.com/advisories/29949 http://trac.wordpress.org/changeset/7586 http://www.debian.org/security/2009/dsa-1871 http://www.juniper.fi/security/auto/vulnerabilities/vuln28845.html http://www.securityfocus.com/bid/28845 https://exchange.xforce.ibmcloud.com/vulnerabilities/41920 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •