Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6762

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-6762
Last Modified 26 Aug 2009 01:20:25
Published 28 Apr 2009 12:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6762

Summary

Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.

Vulnerable Systems

Application

  • Wordpress 2.6


References

XF - wordpress-upgrade-phishing(50382)

DEBIAN - DSA-1871

OSVDB - 52213

BUGTRAQ - 20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS


Last Updated: 27 May 2016 10:49:20