Описание
WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.
WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0195
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
- http://securityreason.com/securityalert/3539
- http://securityvulns.ru/Sdocument762.html
- http://securityvulns.ru/Sdocument768.html
- http://securityvulns.ru/Sdocument772.html
- http://securityvulns.ru/Sdocument773.html
- http://websecurity.com.ua/1679
- http://websecurity.com.ua/1683
- http://websecurity.com.ua/1686
- http://websecurity.com.ua/1687
- http://www.securityfocus.com/archive/1/485786/100/0/threaded
Связанные уязвимости
WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.
WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.
WordPress 2.0.11 and earlier allows remote attackers to obtain sensiti ...