1525 lines
61 KiB
XML
1525 lines
61 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:noNamespaceSchemaLocation="vuln.xsd">
|
|
|
|
<wordpress version="3.5.1">
|
|
<vulnerability>
|
|
<title>CVE-2013-2173: WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
|
|
<reference>http://seclists.org/fulldisclosure/2013/Jun/65</reference>
|
|
<reference>http://secunia.com/advisories/53676/</reference>
|
|
<reference>http://osvdb.org/94235</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress Multiple XSS</title>
|
|
<reference>http://osvdb.org/94791</reference>
|
|
<reference>http://osvdb.org/94785</reference>
|
|
<reference>http://osvdb.org/94786</reference>
|
|
<reference>http://osvdb.org/94790</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness</title>
|
|
<reference>http://osvdb.org/94787</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title> WordPress File Upload Unspecified Path Disclosure</title>
|
|
<reference>http://osvdb.org/94788</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure</title>
|
|
<reference>http://osvdb.org/94789</reference>
|
|
<type>XXE</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress Multiple Role Remote Privilege Escalation</title>
|
|
<reference>http://osvdb.org/94783</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress HTTP API Unspecified Server Side Request Forgery (SSRF)</title>
|
|
<reference>http://osvdb.org/94784</reference>
|
|
<type>SSRF</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.5">
|
|
<vulnerability>
|
|
<title>CVE-2013-2173: WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
|
|
<reference>http://seclists.org/fulldisclosure/2013/Jun/65</reference>
|
|
<reference>http://secunia.com/advisories/53676/</reference>
|
|
<reference>http://osvdb.org/94235</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4.2">
|
|
<vulnerability>
|
|
<title>CVE-2013-2173: WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
|
|
<reference>http://seclists.org/fulldisclosure/2013/Jun/65</reference>
|
|
<reference>http://secunia.com/advisories/53676/</reference>
|
|
<reference>http://osvdb.org/94235</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4.2 Cross Site Request Forgery</title>
|
|
<reference>http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html</reference>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4.1">
|
|
<vulnerability>
|
|
<title>CVE-2013-2173: WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
|
|
<reference>http://seclists.org/fulldisclosure/2013/Jun/65</reference>
|
|
<reference>http://secunia.com/advisories/53676/</reference>
|
|
<reference>http://osvdb.org/94235</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4">
|
|
<vulnerability>
|
|
<title>CVE-2013-2173: WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
|
|
<reference>http://seclists.org/fulldisclosure/2013/Jun/65</reference>
|
|
<reference>http://secunia.com/advisories/53676/</reference>
|
|
<reference>http://osvdb.org/94235</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4-beta4">
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
|
|
<reference>http://www.exploit-db.com/exploits/18791/</reference>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3.3">
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3.2">
|
|
<vulnerability>
|
|
<title>WordPress 3.5 to 3.3.2 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<reference>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
|
|
<reference>http://www.exploit-db.com/exploits/18791/</reference>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 Cross Site Scripting</title>
|
|
<reference>http://packetstormsecurity.org/files/113254</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3.1">
|
|
<vulnerability>
|
|
<title>Multiple vulnerabilities including XSS and Privilege Escalation</title>
|
|
<reference>http://wordpress.org/news/2012/04/wordpress-3-3-2/</reference>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
|
|
<reference>http://www.exploit-db.com/exploits/18791/</reference>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3">
|
|
<vulnerability>
|
|
<title>Reflected Cross-Site Scripting in WordPress 3.3</title>
|
|
<reference>http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.2.1">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.2">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.3">
|
|
<vulnerability>
|
|
<title>Multiple SQL Injection Vulnerabilities</title>
|
|
<reference>http://www.exploit-db.com/exploits/17465/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.2">
|
|
<vulnerability>
|
|
<title>Wordpress <= 3.1.2 Clickjacking Vulnerability</title>
|
|
<reference>http://seclists.org/fulldisclosure/2011/Sep/219</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.1">
|
|
<vulnerability>
|
|
<title>WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS</title>
|
|
<reference>http://osvdb.org/72142</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.6">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.5">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.3">
|
|
<vulnerability>
|
|
<title>SQL injection vulnerability in do_trackbacks() Wordpress function</title>
|
|
<reference>http://www.exploit-db.com/exploits/15684/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.0.3 stored XSS IE7,6 NS8.1</title>
|
|
<reference>http://www.exploit-db.com/exploits/15858/</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.2">
|
|
<vulnerability>
|
|
<title>WordPress XML-RPC Interface Access Restriction Bypass</title>
|
|
<reference>http://osvdb.org/69761</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.1">
|
|
<vulnerability>
|
|
<title>WordPress: Information Disclosure via SQL Injection Attack</title>
|
|
<reference>http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.9.2">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.9.1">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.9">
|
|
<vulnerability>
|
|
<title>WordPress 2.9 Failure to Restrict URL Access</title>
|
|
<reference>http://www.exploit-db.com/exploits/11441/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress DOS <= 2.9</title>
|
|
<reference>http://www.exploit-db.com/exploits/11441/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.6">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.5">
|
|
<vulnerability>
|
|
<title>WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution</title>
|
|
<reference>http://www.exploit-db.com/exploits/10089/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.3">
|
|
<vulnerability>
|
|
<title>Wordpress <= 2.8.3 Remote Admin Reset Password Vulnerability</title>
|
|
<reference>http://www.exploit-db.com/exploits/9410/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.2">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.1">
|
|
<vulnerability>
|
|
<title>Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/9250/</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.7.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.7">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.5">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.3">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/6421/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.5.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.5">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability</title>
|
|
<reference>http://www.exploit-db.com/exploits/4721/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/4113/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/4039/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/3960/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress "year" Cross-Site Scripting Vulnerability</title>
|
|
<reference>http://secunia.com/advisories/24485/</reference>
|
|
<reference>http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded</reference>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/3656/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.11">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.10">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.9">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.8">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.7">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.6">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/3109/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.5">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/3095/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.4">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/6/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<reference>http://www.securityfocus.com/bid/35584/</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.2">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1.3">
|
|
<vulnerability>
|
|
<title>Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)</title>
|
|
<reference>http://www.exploit-db.com/exploits/1145/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1.2">
|
|
<vulnerability>
|
|
<title>Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/1077/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1.1">
|
|
<vulnerability>
|
|
<title>WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/1059/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress <= 1.5.1.1 SQL Injection Exploit</title>
|
|
<reference>http://www.exploit-db.com/exploits/1033/</reference>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
</vulnerabilities>
|