CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4154 – WordPress Core <= 2.2.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2007-4154
SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (2) options-writing.php, (3) options-reading.php, (4) options-discussion.php, (5) options-privacy.php, (6) options-permalink.php, (7) options-misc.php, and possibly other unspecified components. Vulnerabilidad de inyección SQL en options.php de WordPress 2.2.1 permite a administradores autenticados remotamente ejecutar comandos SQL de su elección a través del parámetro page_options de (2) options-general.php, (2) options-writing.php, (3) options-reading.php, (4) options-discussion.php, (5) options-privacy.php, (6) options-permalink.php, (7) options-misc.php, y posiblemente otros componentes no especificados. • http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm http://secunia.com/advisories/30013 http://www.debian.org/security/2008/dsa-1564 https://exchange.xforce.ibmcloud.com/vulnerabilities/35719 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 2CVE-2007-4139 – WordPress Core <= 2.2.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-4139
Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/includes/upload.php) in WordPress 2.2.1, allows remote attackers to inject arbitrary web script or HTML via the style parameter to wp-admin/upload.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la funcionalidad de edición Temporary Uploads (wp-admin/includes/upload.php) de WordPress 2.2.1, permite a usuarios remotos inyectar scripts web o HTML de su elección a través del parámetro style en wp-admin/upload.php. • http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm http://osvdb.org/36621 http://secunia.com/advisories/26296 http://trac.wordpress.org/attachment/ticket/4689/4689.diff http://trac.wordpress.org/ticket/4689 http://www.securityfocus.com/bid/25158 http://www.vupen.com/english/advisories/2007/2744 https://exchange.xforce.ibmcloud.com/vulnerabilities/35718 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3639 – WordPress Core < 2.2.2 - Open Redirect
https://notcve.org/view.php?id=CVE-2007-3639
WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentially obtain sensitive information via (1) the _wp_http_referer parameter to wp-pass.php, related to the wp_get_referer function in wp-includes/functions.php; and possibly other vectors related to (2) wp-includes/pluggable.php and (3) the wp_nonce_ays function in wp-includes/functions.php. WordPress anterior a 2.2.2 permite a atacantes remotos redireccionar a los vistantes a otros sitios web y potencialmente obtener información sensible a través del parámetro (1) the _wp_http_referer en wp-pass.php, relacionado con la función wp_get_referer en wp-includes/functions.php; y posiblemente otros vectores relacionados en (2) wp-includes/pluggable.php y (3) la función wp_nonce_ays en wp-includes/functions.php. • http://osvdb.org/40802 http://secunia.com/advisories/30013 http://securityreason.com/securityalert/2869 http://www.debian.org/security/2008/dsa-1564 http://www.securityfocus.com/archive/1/472885/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/35272 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3543 – WordPress Core <= 2.2 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2007-3543
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php. Vulnerabilidad de fichero de archivo no restringido en WordPress anterior a 2.2.1 y WordPress MU anterior a 1.2.3 permite a usuarios autenticados remotos subir y ejecutar código PHP de su elección mediante un post en el que se especifica un nombre de fichero .php en el campo de meta datos _wp_attached_file; entonces se envía el contenido del fichero, junto con su valor post_ID, a (1) wp-app.php o (2) app.php. • http://osvdb.org/37295 http://secunia.com/advisories/25794 http://trac.mu.wordpress.org/changeset/1005 http://www.buayacorp.com/files/wordpress/wordpress-advisory.html http://www.securityfocus.com/bid/24642 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3544 – WordPress Core <= 2.2.1 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2007-3544
Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta table and the use of custom fields in normal (non-attachment) posts. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-3543. Vulnerabilidad e envío de archivo no restringido en (1) wp-app.php y (2) app.php de WordPresss 2.2.1 y WordPresss MU 1.2.3 permite a usuarios autenticados remotamente enviar y ejecutar código PHP de su elección a través de vectores no especificados, posiblemente relacionados con la tabla wp_postmeta y el uso de campos personalizados en anotaciones (posts) normales (sin adjuntos). • http://osvdb.org/37294 http://www.buayacorp.com/files/wordpress/wordpress-advisory.html • CWE-434: Unrestricted Upload of File with Dangerous Type •