CVE-2005-2612

Опубликовано: 17 авг. 2005

Источник: nvd

CVSS2: 7.5

EPSS Высокий

Описание

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0234.html
Exploit
http://secunia.com/advisories/16386
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0234.html
Exploit
http://secunia.com/advisories/16386
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.73416

Высокий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2005-2612

ubuntu

почти 20 лет назад

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

CVE-2005-2612

debian

почти 20 лет назад

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier a ...

GHSA-73gj-5f8g-vq97

github

около 3 лет назад

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

EPSS

Процентиль: 99%

0.73416

Высокий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other