Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2392

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-2392
Last Modified 29 Jan 2009 01:49:58
Published 21 May 2008 09:24:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-2392

Summary

Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.

Vulnerable Systems

Application

  • Wordpress 2.3.2

  • Wordpress 2.3.3

  • Wordpress 2.5.1


References

XF - wordpress-writetabs-file-upload(42561)

BID - 29276

BUGTRAQ - 20080519 Wordpress Malicious File Execution Vulnerability

SREASON - 3897


Last Updated: 27 May 2016 10:47:51