Описание
WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | not-affected | |
| edgy | not-affected | |
| feisty | not-affected | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
5 Medium
CVSS2
Связанные уязвимости
WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1.
WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensit ...
WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1.
5 Medium
CVSS2