Lucene search
MitreCVELIST:CVE-2011-4899HistoryJan 30, 2012 - 5:00 p.m.
CVE-2011-4899
2012-01-3017:00:00
mitre
www.cve.org
6
wordpress
installation
database
code injection
remote attackers
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue; however, remote code execution makes the issue important in many realistic environments
Related
prion
prion
Cross site scripting
2012-01-30 17:55:00
cve
cve
CVE-2011-4899
2012-01-30 17:55:00
nvd
nvd
CVE-2011-4899
2012-01-30 17:55:00
ubuntucve
ubuntucve
CVE-2011-4899
2012-01-30 00:00:00
packetstorm
packetstorm
Elipse E3 Scada PLC Denial Of Service
2014-07-15 00:00:00
WordPress 3.3.1 Code Execution / Cross Site Scripting
2012-01-25 00:00:00
debiancve
debiancve
CVE-2011-4899
2012-01-30 17:55:00
vulnrichment
vulnrichment
CVE-2011-4899
2012-01-30 17:00:00
exploitpack
exploitpack
WordPress 3.3.1 - Multiple Vulnerabilities
2012-01-25 00:00:00
zdt
zdt
WordPress <= 3.3.1 Multiple Vulnerabilities
2012-01-25 00:00:00
openvas
openvas
WordPress 'setup-config.php' Multiple Vulnerabilities
2012-02-01 00:00:00
seebug
seebug
WordPress 3.3.1 Code Execution / Cross Site Scripting
2012-01-25 00:00:00
wordpress <= 3.3.1 - Multiple Vulnerabilities
2014-07-01 00:00:00
securityvulns
securityvulns
TWSL2012-002: Multiple Vulnerabilities in WordPress
2012-02-13 00:00:00
exploitdb
exploitdb
WordPress Core 3.3.1 - Multiple Vulnerabilities
2012-01-25 00:00:00
nessus
nessus
WordPress < 3.3.2 Multiple Vulnerabilities
2012-05-09 00:00:00