[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250053

 
 

909

 
 

195940

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-6767Date: (C)2009-04-28   (M)2023-12-22


wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
http://archives.neohapsis.com/archives/bugtraq/2008-12/0226.html
DSA-1871
wordpress-upgrade-sec-bypass(50384)

CPE    1
cpe:/a:wordpress:wordpress:2.6
OVAL    3
oval:org.mitre.oval:def:8072
oval:org.secpod.oval:def:600328
oval:org.secpod.oval:def:600449

© SecPod Technologies