oss-sec mailing list archives
Re: TWSL2012-002: Multiple Vulnerabilities in WordPress
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 25 Jan 2012 17:02:58 -0700
On 01/25/2012 08:31 AM, Henri Salo wrote:
FYI: http://seclists.org/fulldisclosure/2012/Jan/416 - Henri
Uh correct me if I am wrong but these already have CVE's? From the link: Finding 1: PHP Code Execution and Persistent Cross Site Scripting Vulnerabilities via 'setup-config.php' page. CVE: CVE-2011-4899 Finding 2: Multiple Cross Site Scripting Vulnerabilities in 'setup-config.php' page CVE: CVE-2012-0782 Finding 3: MySQL Server Username/Password Disclosure Vulnerability via 'setup-config.php' page CVE: CVE-2011-4898 -- -- Kurt Seifried / Red Hat Security Response Team kseifried () redhat com
Current thread:
- TWSL2012-002: Multiple Vulnerabilities in WordPress Henri Salo (Jan 25)
- Re: TWSL2012-002: Multiple Vulnerabilities in WordPress Kurt Seifried (Jan 25)
- Re: TWSL2012-002: Multiple Vulnerabilities in WordPress Henri Salo (Jan 25)
- Re: TWSL2012-002: Multiple Vulnerabilities in WordPress Kurt Seifried (Jan 25)