Executive Summary
Summary | |
---|---|
Title | New wordpress packages fix regression |
Informations | |||
---|---|---|---|
Name | DSA-1871 | First vendor Publication | 2009-08-23 |
Vendor | Debian | Last vendor Modification | 2009-08-27 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The previous wordpress update introduced a regression when fixing CVE-2008-4769 due to a function that was not backported with the patch. Please note that this regression only affects the oldstable distribution (etch). For reference the original advisory text follows. Several vulnerabilities have been discovered in wordpress, weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-6762 It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing atacks. CVE-2008-6767 It was discovered that remote attackers had the ability to trigger an application upgrade, which could lead to a denial of service attack. CVE-2009-2334 It was discovered that wordpress lacks authentication checks in the plugin configuration, which might leak sensitive information. CVE-2009-2854 It was discovered that wordpress lacks authentication checks in various actions, thus allowing remote attackers to produce unauthorised edits or additions. CVE-2009-2851 It was discovered that the administrator interface is prone to a cross-site scripting attack. CVE-2009-2853 It was discovered that remote attackers can gain privileges via certain direct requests. CVE-2008-1502 It was discovered that the _bad_protocol_once function in KSES, as used by wordpress, allows remote attackers to perform cross-site scripting attacks. CVE-2008-4106 It was discovered that wordpress lacks certain checks around user information, which could be used by attackers to change the password of a user. CVE-2008-4769 It was discovered that the get_category_template function is prone to a directory traversal vulnerability, which could lead to the execution of arbitrary code. CVE-2008-4796 It was discovered that the _httpsrequest function in the embedded snoopy version is prone to the execution of arbitrary commands via shell metacharacters in https URLs. CVE-2008-5113 It was discovered that wordpress relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier to perform attacks via crafted cookies. For the stable distribution (lenny), these problems have been fixed in version 2.5.1-11+lenny1. For the oldstable distribution (etch), these problems have been fixed in version 2.0.10-1etch5. For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 2.8.3-1. We recommend that you upgrade your wordpress packages. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1871 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-6 | Argument Injection |
CAPEC-15 | Command Delimiters |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-88 | OS Command Injection |
CAPEC-108 | Command Line Execution through SQL Injection |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-264 | Permissions, Privileges, and Access Controls |
20 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
10 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
10 % | CWE-287 | Improper Authentication |
10 % | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25) |
10 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
10 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
10 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12947 | |||
Oval ID: | oval:org.mitre.oval:def:12947 | ||
Title: | DSA-1871-2 wordpress -- several vulnerabilities | ||
Description: | The previous wordpress update introduced a regression when fixing CVE-2008-4769 due to a function that was not backported with the patch. Please note that this regression only affects the oldstable distribution. For reference the original advisory text follows. Several vulnerabilities have been discovered in wordpress, weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-6762 It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing atacks. CVE-2008-6767 It was discovered that remote attackers had the ability to trigger an application upgrade, which could lead to a denial of service attack. CVE-2009-2334 It was discovered that wordpress lacks authentication checks in the plugin configuration, which might leak sensitive information. CVE-2009-2854 It was discovered that wordpress lacks authentication checks in various actions, thus allowing remote attackers to produce unauthorised edits or additions. CVE-2009-2851 It was discovered that the administrator interface is prone to a cross-site scripting attack. CVE-2009-2853 It was discovered that remote attackers can gain privileges via certain direct requests. CVE-2008-1502 It was discovered that the _bad_protocol_once function in KSES, as used by wordpress, allows remote attackers to perform cross-site scripting attacks. CVE-2008-4106 It was discovered that wordpress lacks certain checks around user information, which could be used by attackers to change the password of a user. CVE-2008-4769 It was discovered that the get_category_template function is prone to a directory traversal vulnerability, which could lead to the execution of arbitrary code. CVE-2008-4796 It was discovered that the _httpsrequest function in the embedded snoopy version is prone to the execution of arbitrary commands via shell metacharacters in https URLs. CVE-2008-5113 It was discovered that wordpress relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier to perform attacks via crafted cookies. For the stable distribution, these problems have been fixed in version 2.5.1-11+lenny1. For the oldstable distribution, these problems have been fixed in version 2.0.10-1etch5. For the testing distribution and the unstable distribution, these problems have been fixed in version 2.8.3-1. We recommend that you upgrade your wordpress packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1871-2 CVE-2008-6762 CVE-2008-6767 CVE-2009-2334 CVE-2009-2854 CVE-2009-2851 CVE-2009-2853 CVE-2008-1502 CVE-2008-4106 CVE-2008-4769 CVE-2008-4796 CVE-2008-5113 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | wordpress |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13072 | |||
Oval ID: | oval:org.mitre.oval:def:13072 | ||
Title: | DSA-1871-1 wordpress -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in wordpress, weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-6762 It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing atacks. CVE-2008-6767 It was discovered that remote attackers had the ability to trigger an application upgrade, which could lead to a denial of service attack. CVE-2009-2334 It was discovered that wordpress lacks authentication checks in the plugin configuration, which might leak sensitive information. CVE-2009-2854 It was discovered that wordpress lacks authentication checks in various actions, thus allowing remote attackers to produce unauthorised edits or additions. CVE-2009-2851 It was discovered that the administrator interface is prone to a cross-site scripting attack. CVE-2009-2853 It was discovered that remote attackers can gain privileges via certain direct requests. CVE-2008-1502 It was discovered that the _bad_protocol_once function in KSES, as used by wordpress, allows remote attackers to perform cross-site scripting attacks. CVE-2008-4106 It was discovered that wordpress lacks certain checks around user information, which could be used by attackers to change the password of a user. CVE-2008-4769 It was discovered that the get_category_template function is prone to a directory traversal vulnerability, which could lead to the execution of arbitrary code. CVE-2008-4796 It was discovered that the _httpsrequest function in the embedded snoopy version is prone to the execution of arbitrary commands via shell metacharacters in https URLs. CVE-2008-5113 It was discovered that wordpress relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier to perform attacks via crafted cookies. For the stable distribution, these problems have been fixed in version 2.5.1-11+lenny1. For the oldstable distribution, these problems have been fixed in version 2.0.10-1etch4. For the testing distribution and the unstable distribution, these problems have been fixed in version 2.8.3-1. We recommend that you upgrade your wordpress packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1871-1 CVE-2008-6762 CVE-2008-6767 CVE-2009-2334 CVE-2009-2854 CVE-2009-2851 CVE-2009-2853 CVE-2008-1502 CVE-2008-4106 CVE-2008-4769 CVE-2008-4796 CVE-2008-5113 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | wordpress |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17657 | |||
Oval ID: | oval:org.mitre.oval:def:17657 | ||
Title: | USN-658-1 -- moodle vulnerability | ||
Description: | Lukasz Pilorz discovered that the HTML filtering used in Moodle was not strict enough. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-658-1 CVE-2008-1502 | Version: | 7 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 | Product(s): | moodle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8072 | |||
Oval ID: | oval:org.mitre.oval:def:8072 | ||
Title: | DSA-1871 wordpress -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in wordpress, weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing atacks. It was discovered that remote attackers had the ability to trigger an application upgrade, which could lead to a denial of service attack. It was discovered that wordpress lacks authentication checks in the plugin configuration, which might leak sensitive information. It was discovered that wordpress lacks authentication checks in various actions, thus allowing remote attackers to produce unauthorised edits or additions. It was discovered that the administrator interface is prone to a cross-site scripting attack. It was discovered that remote attackers can gain privileges via certain direct requests. It was discovered that the _bad_protocol_once function in KSES, as used by wordpress, allows remote attackers to perform cross-site scripting attacks. It was discovered that wordpress lacks certain checks around user information, which could be used by attackers to change the password of a user. It was discovered that the get_category_template function is prone to a directory traversal vulnerability, which could lead to the execution of arbitrary code. It was discovered that the _httpsrequest function in the embedded snoopy version is prone to the execution of arbitrary commands via shell metacharacters in https URLs. It was discovered that wordpress relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier to perform attacks via crafted cookies. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1871 CVE-2008-6762 CVE-2008-6767 CVE-2009-2334 CVE-2009-2854 CVE-2009-2851 CVE-2009-2853 CVE-2008-1502 CVE-2008-4106 CVE-2008-4769 CVE-2008-4796 CVE-2008-5113 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | wordpress |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2009-07-10 | WordPress Privileges Unchecked in admin.php and Multiple Information |
OpenVAS Exploits
Date | Description |
---|---|
2010-03-02 | Name : Fedora Update for wordpress-mu FEDORA-2009-12547 File : nvt/gb_fedora_2009_12547_wordpress-mu_fc11.nasl |
2009-12-14 | Name : Fedora Core 10 FEDORA-2009-13040 (moodle) File : nvt/fcore_2009_13040.nasl |
2009-11-17 | Name : Fedora Core 11 FEDORA-2009-11260 (wordpress-mu) File : nvt/fcore_2009_11260.nasl |
2009-11-17 | Name : Fedora Core 10 FEDORA-2009-11292 (wordpress-mu) File : nvt/fcore_2009_11292.nasl |
2009-10-19 | Name : Mandrake Security Advisory MDVSA-2009:265 (egroupware) File : nvt/mdksa_2009_265.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1871-1 (wordpress) File : nvt/deb_1871_1.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1871-2 (wordpress) File : nvt/deb_1871_2.nasl |
2009-09-02 | Name : Fedora Core 10 FEDORA-2009-8538 (wordpress-mu) File : nvt/fcore_2009_8538.nasl |
2009-09-02 | Name : Fedora Core 11 FEDORA-2009-8529 (wordpress-mu) File : nvt/fcore_2009_8529.nasl |
2009-08-20 | Name : WordPress 'wp-admin' Multiple Vulnerabilities - Aug09 File : nvt/secpod_wordpress_mult_vuln_aug09.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8114 (wordpress) File : nvt/fcore_2009_8114.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8109 (wordpress) File : nvt/fcore_2009_8109.nasl |
2009-07-29 | Name : Ubuntu USN-802-1 (apache2) File : nvt/ubuntu_802_1.nasl |
2009-07-29 | Name : Fedora Core 10 FEDORA-2009-7729 (wordpress) File : nvt/fcore_2009_7729.nasl |
2009-07-29 | Name : Fedora Core 11 FEDORA-2009-7701 (wordpress) File : nvt/fcore_2009_7701.nasl |
2009-07-29 | Name : Ubuntu USN-799-1 (dbus) File : nvt/ubuntu_799_1.nasl |
2009-07-29 | Name : Ubuntu USN-801-1 (tiff) File : nvt/ubuntu_801_1.nasl |
2009-07-22 | Name : WordPress Comment Author URI Cross-Site Scripting Vulnerability File : nvt/WordPress_35755.nasl |
2009-07-18 | Name : WordPress MU Multiple Vulnerabilities - July09 File : nvt/gb_wordpressmu_mult_vuln_jul09.nasl |
2009-07-18 | Name : WordPress Multiple Vulnerabilities - July09 File : nvt/gb_wordpress_mult_vuln_jul09.nasl |
2009-06-30 | Name : Ubuntu USN-791-1 (moodle) File : nvt/ubuntu_791_1.nasl |
2009-06-05 | Name : Ubuntu USN-698-1 (nagios) File : nvt/ubuntu_698_1.nasl |
2009-05-11 | Name : Wordpress Multiple Vulnerabilities File : nvt/gb_wordpress_mult_vuln_may09.nasl |
2009-04-06 | Name : Fedora Core 9 FEDORA-2009-3283 (moodle) File : nvt/fcore_2009_3283.nasl |
2009-04-06 | Name : Fedora Core 10 FEDORA-2009-3280 (moodle) File : nvt/fcore_2009_3280.nasl |
2009-03-23 | Name : Ubuntu Update for moodle vulnerability USN-658-1 File : nvt/gb_ubuntu_USN_658_1.nasl |
2009-02-18 | Name : Fedora Core 10 FEDORA-2009-1699 (moodle) File : nvt/fcore_2009_1699.nasl |
2009-02-17 | Name : Fedora Update for wordpress FEDORA-2008-7760 File : nvt/gb_fedora_2008_7760_wordpress_fc8.nasl |
2009-02-17 | Name : Fedora Update for moodle FEDORA-2008-9903 File : nvt/gb_fedora_2008_9903_moodle_fc10.nasl |
2009-02-17 | Name : Fedora Update for moodle FEDORA-2008-9502 File : nvt/gb_fedora_2008_9502_moodle_fc8.nasl |
2009-02-17 | Name : Fedora Update for wordpress FEDORA-2008-9304 File : nvt/gb_fedora_2008_9304_wordpress_fc8.nasl |
2009-02-17 | Name : Fedora Update for wordpress FEDORA-2008-9257 File : nvt/gb_fedora_2008_9257_wordpress_fc9.nasl |
2009-02-17 | Name : Fedora Update for moodle FEDORA-2008-9508 File : nvt/gb_fedora_2008_9508_moodle_fc9.nasl |
2009-02-17 | Name : Fedora Update for wordpress FEDORA-2008-7902 File : nvt/gb_fedora_2008_7902_wordpress_fc9.nasl |
2009-02-17 | Name : Fedora Update for moodle FEDORA-2008-6226 File : nvt/gb_fedora_2008_6226_moodle_fc8.nasl |
2009-02-13 | Name : Fedora Update for moodle FEDORA-2008-11577 File : nvt/gb_fedora_2008_11577_moodle_fc9.nasl |
2009-02-13 | Name : Fedora Update for moodle FEDORA-2008-11550 File : nvt/gb_fedora_2008_11550_moodle_fc10.nasl |
2009-02-13 | Name : Fedora Core 9 FEDORA-2009-1641 (moodle) File : nvt/fcore_2009_1641.nasl |
2009-01-26 | Name : Fedora Core 9 FEDORA-2009-0814 (moodle) File : nvt/fcore_2009_0814.nasl |
2009-01-26 | Name : Fedora Core 10 FEDORA-2009-0819 (moodle) File : nvt/fcore_2009_0819.nasl |
2008-12-29 | Name : Debian Security Advisory DSA 1691-1 (moodle) File : nvt/deb_1691_1.nasl |
2008-12-29 | Name : Ubuntu USN-699-1 (blender) File : nvt/ubuntu_699_1.nasl |
2008-12-29 | Name : Ubuntu USN-698-2 (nagios3) File : nvt/ubuntu_698_2.nasl |
2008-11-21 | Name : WordPress _REQUEST array Cross Site Request Forgery (CSRF) Vulnerability File : nvt/gb_wordpress_request_array_csrf_vuln.nasl |
2008-11-05 | Name : WordPress cat Parameter Directory Traversal Vulnerability File : nvt/gb_wordpress_dir_trav_vuln.nasl |
2008-11-01 | Name : FreeBSD Ports: wordpress, de-wordpress, wordpress-mu File : nvt/freebsd_wordpress8.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-04 (egroupware) File : nvt/glsa_200805_04.nasl |
2008-09-17 | Name : FreeBSD Ports: wordpress, de-wordpress File : nvt/freebsd_wordpress7.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
57212 | WordPress wp-admin/ Multiple Script Direct Request Remote Privilege Escalation |
56193 | WordPress Comment Author URL XSS |
55715 | WordPress Plugin Configuration Module Exclude Actions By Term Field XSS WordPress plugin configuration module contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the exclude actions by term field upon submission to the module. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
55712 | WordPress admin.php page Parameter Arbitrary Plugin Configuration Disclosure |
54714 | WordPress wp-admin/upgrade.php Direct Request Remote Unauthorized Application... |
52213 | WordPress wp-admin/upgrade.php backto Parameter XSS WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'backto' parameter upon submission to the 'wp-admin/upgrade.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
50881 | WordPress REQUEST Superglobal Array Crafted Cookie Handling CSRF |
49261 | Snoopy _httpsrequest() Function Arbitrary Shell Command Injection |
48022 | WordPress Registration SQL Truncation Administrator Password Manipulation |
44591 | WordPress wp-includes/theme.php get_category_template() Function cat Paramete... |
43677 | KSES class.kses.inc.php _bad_protocol_once() Function HTML Filter Bypass |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | wordpress cat parameter arbitrary file execution attempt RuleID : 15432 - Revision : 11 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-10-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-899.nasl - Type : ACT_GATHER_INFO |
2017-02-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201702-26.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1871.nasl - Type : ACT_GATHER_INFO |
2009-08-18 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8538.nasl - Type : ACT_GATHER_INFO |
2009-08-18 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8529.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8114.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8109.nasl - Type : ACT_GATHER_INFO |
2009-07-20 | Name : The remote Fedora host is missing a security update. File : fedora_2009-7701.nasl - Type : ACT_GATHER_INFO |
2009-07-20 | Name : The remote Fedora host is missing a security update. File : fedora_2009-7729.nasl - Type : ACT_GATHER_INFO |
2009-06-25 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-791-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-658-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9903.nasl - Type : ACT_GATHER_INFO |
2008-12-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1691.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9508.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9502.nasl - Type : ACT_GATHER_INFO |
2008-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9304.nasl - Type : ACT_GATHER_INFO |
2008-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9257.nasl - Type : ACT_GATHER_INFO |
2008-10-27 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3a4a3e9ca1fe11dd81be001c2514716c.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7902.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7760.nasl - Type : ACT_GATHER_INFO |
2008-09-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_884fced77f1c11dda66a0019666436c2.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote openSUSE host is missing a security update. File : suse_moodle-5439.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6226.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-04.nasl - Type : ACT_GATHER_INFO |
2008-04-29 | Name : The remote web server contains a PHP application that is affected by a local ... File : wordpress_cat_file_include.nasl - Type : ACT_ATTACK |
Alert History
Date | Informations |
---|---|
2014-02-17 11:28:46 |
|