Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2008-0196
HistoryJan 10, 2008 - 12:46 a.m.

CVE-2008-0196

2008-01-1000:46:00
CWE-22
mitre
web.nvd.nist.gov
45
cve
directory traversal
wordpress
security
vulnerability
remote attack
php
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON

Multiple directory traversal vulnerabilities in WordPress 2.0.11 and earlier allow remote attackers to read arbitrary files via a … (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as demonstrated by discovering the full path via a request for the ....\wp-config pathname; and allow remote attackers to modify arbitrary files via a … (dot dot) in the file parameter to wp-admin/templates.php.

Affected configurations

Nvd
Node
wordpresswordpressRange2.0.11
VendorProductVersionCPE
wordpresswordpress*cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Related

securityvulns 3
debiancve 1
nvd 1
cvelist 1
prion 1
patchstack 1
ubuntucve 1
seebug 2
packetstorm 1
exploitpack 1
zdt 1
exploitdb 1
openvas 3
securityvulns
securityvulns
CSRF, Information Leakage and Full path disclosure vulnerabilities in WordPress
2010-08-08 00:00:00
CSRF, Information Leakage and Full path disclosure vulnerabilities in WordPress
2010-08-05 00:00:00
CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information
2009-07-09 00:00:00
debiancve
debiancve
CVE-2008-0196
2008-01-10 00:46:00
nvd
nvd
CVE-2008-0196
2008-01-10 00:46:00
cvelist
cvelist
CVE-2008-0196
2008-01-10 00:00:00
prion
prion
Directory traversal
2008-01-10 00:46:00
patchstack
patchstack
WordPress <= 2.0.11 - Multiple Directory Traversal
2008-01-09 00:00:00
ubuntucve
ubuntucve
CVE-2008-0196
2008-01-10 00:00:00
seebug
seebug
WordPress Privileges Unchecked in admin.php and Multiple Information
2009-07-10 00:00:00
WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures
2009-07-09 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2009.0515
2009-07-08 00:00:00
exploitpack
exploitpack
WordPress Core MU Plugins - admin.php Privileges Unchecked Multiple Information Disclosures
2009-07-10 00:00:00
zdt
zdt
WordPress Privileges Unchecked in admin.php and Multiple Information
2009-07-10 00:00:00
exploitdb
exploitdb
WordPress Core / MU / Plugins - &#039;/admin.php&#039; Privileges Unchecked / Multiple Information Disclosures
2009-07-10 00:00:00
openvas
openvas
Ubuntu USN-801-1 (tiff)
2009-07-29 00:00:00
Ubuntu USN-802-1 (apache2)
2009-07-29 00:00:00
Ubuntu USN-799-1 (dbus)
2009-07-29 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON
Related for CVE-2008-0196
securityvulns3debiancve1nvd1cvelist1prion1patchstack1ubuntucve1seebug2packetstorm1exploitpack1zdt1exploitdb1openvas3