CVE-2006-0986 – WordPress Core < 2.0.2 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2006-0986
WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) default-filters.php, (2) template-loader.php, (3) rss-functions.php, (4) locale.php, (5) wp-db.php, and (6) kses.php in the wp-includes/ directory; and (7) edit-form-advanced.php, (8) admin-functions.php, (9) edit-link-form.php, (10) edit-page-form.php, (11) admin-footer.php, and (12) menu.php in the wp-admin directory; and possibly (13) list directory contents of the wp-includes directory. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors are already covered by CVE-2005-4463. The menu-header.php vector is already covered by CVE-2005-2110. Other vectors might be covered by CVE-2005-1688. NOTE: if the typical installation of WordPress does not list any site-specific files to wp-includes, then vector [13] is not an exposure. • http://NeoSecurityTeam.net/advisories/Advisory-17.txt http://secunia.com/advisories/19050 http://www.securityfocus.com/archive/1/426304/100/0/threaded http://www.securityfocus.com/archive/1/426504/100/0/threaded http://www.securityfocus.com/archive/1/426574/100/0/threaded http://www.vupen.com/english/advisories/2006/0777 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2006-0733 – WordPress Core 2.0 - Comment Post HTML Injection
https://notcve.org/view.php?id=CVE-2006-0733
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability • https://www.exploit-db.com/exploits/27227 http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html http://www.securityfocus.com/archive/1/425043/100/0/threaded http://www.securityfocus.com/bid/16656 https://exchange.xforce.ibmcloud.com/vulnerabilities/24736 •
CVE-2006-1796 – WordPress Core < 2.0.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-1796
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']). • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328909 http://trac.wordpress.org/ticket/1686 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-1012 – WordPress Core <= 1.5.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2006-1012
SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment. Vulnerabilidad de inyección de SQL en WordPress 1.5.2, y posiblemente otras versiones anteriores a 2.0, permite a atacantes remotos ejecutar órdenes SQL de su elección mediante el campo "User-Agent" en la cabecera HTTP de un comentario. • http://secunia.com/advisories/19109 http://secunia.com/advisories/19123 http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml http://www.securityfocus.com/bid/16950 https://exchange.xforce.ibmcloud.com/vulnerabilities/25321 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2005-4463 – WordPress Core < 1.5.2 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2005-4463
WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1. • http://NeoSecurityTeam.net/advisories/Advisory-17.txt http://echo.or.id/adv/adv24-theday-2005.txt http://securityreason.com/securityalert/286 http://www.securityfocus.com/archive/1/419994/100/0/threaded http://www.securityfocus.com/archive/1/419999/100/0/threaded http://www.securityfocus.com/archive/1/426304/100/0/threaded • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •