|
|
Family: CGI abuses --> Category: attack
WordPress < 1.5.1 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in WordPress < 1.5.1
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains multiple PHP scripts that are prone to
SQL injection and cross-site scripting attacks.
Description :
The version of WordPress installed on the remote host suffers from
multiple vulnerabilities:
- A SQL Injection Vulnerability
WordPress fails to properly sanitize user input passed
via the 'tb_id' parameter to the 'wp-trackback.php'
script before using it in database queries. This
could lead to disclosure of sensitive information or
even attacks against the underlying database.
- Multiple Cross-Site Scripting Vulnerabilities.
A possible hacker can pass arbitrary HTML and script code
through the 's' parameter of the 'wp-admin/edit.php'
script or the 'p' parameter in the 'wp-admin/post.php'
script, thereby facilitating cross-site scripting
attacks. Note, though, that these attacks will
only be successful against administrators since the
scripts themselves are limited to administrators.
See also :
http://wordpress.org/development/2005/05/one-five-one/
Solution :
Upgrade to WordPress version 1.5.1 or later.
Threat Level:
Medium / CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
