Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2011-4898
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-4898

2022-10-0316:15:14
mitre
www.cve.org
1
wordpress installation cve-2011-4898 mysql credentials

6.2 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.9%

JSON

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether providing intentionally vague error messages during installation would be reasonable from a usability perspective

Related

prion 2
ubuntucve 2
patchstack 1
nvd 2
cve 2
debiancve 2
cvelist 1
seebug 2
securityvulns 1
packetstorm 1
exploitpack 1
openvas 1
exploitdb 1
nessus 1
prion
prion
Design/Logic Flaw
2012-01-30 17:55:00
Design/Logic Flaw
2012-01-30 17:55:00
ubuntucve
ubuntucve
CVE-2011-4898
2012-01-30 00:00:00
CVE-2012-0937
2012-01-30 00:00:00
patchstack
patchstack
WordPress <= 3.3.1 - Multiple Vulnerabilities
2012-01-25 00:00:00
nvd
nvd
CVE-2011-4898
2012-01-30 17:55:00
CVE-2012-0937
2012-01-30 17:55:01
cve
cve
CVE-2011-4898
2022-10-03 16:15:14
CVE-2012-0937
2022-10-03 16:15:38
debiancve
debiancve
CVE-2011-4898
2022-10-03 16:15:14
CVE-2012-0937
2022-10-03 16:15:38
cvelist
cvelist
CVE-2012-0937
2022-10-03 16:15:38
seebug
seebug
wordpress <= 3.3.1 - Multiple Vulnerabilities
2014-07-01 00:00:00
WordPress 3.3.1 Code Execution / Cross Site Scripting
2012-01-25 00:00:00
securityvulns
securityvulns
TWSL2012-002: Multiple Vulnerabilities in WordPress
2012-02-13 00:00:00
packetstorm
packetstorm
WordPress 3.3.1 Code Execution / Cross Site Scripting
2012-01-25 00:00:00
exploitpack
exploitpack
WordPress 3.3.1 - Multiple Vulnerabilities
2012-01-25 00:00:00
openvas
openvas
WordPress 'setup-config.php' Multiple Vulnerabilities
2012-02-01 00:00:00
exploitdb
exploitdb
WordPress Core 3.3.1 - Multiple Vulnerabilities
2012-01-25 00:00:00
nessus
nessus
WordPress < 3.3.2 Multiple Vulnerabilities
2012-05-09 00:00:00

6.2 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.9%

JSON
Related for CVELIST:CVE-2011-4898
prion2ubuntucve2patchstack1nvd2cve2debiancve2cvelist1seebug2securityvulns1packetstorm1exploitpack1openvas1exploitdb1nessus1