Vendor CVEs
WordPress
All CVEs
32,708 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-2109 | 0.00 | — | 0.03 | Jul 5, 2005 | wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use. | |||
| CVE-2005-1810 | 0.00 | — | 0.03 | Jun 1, 2005 | SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php. | |||
| CVE-2005-1687 | 0.00 | — | 0.02 | May 20, 2005 | SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. | |||
| CVE-2005-1102 | 0.00 | — | 0.03 | May 2, 2005 | Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post. | |||
| CVE-2004-1431 | 0.00 | — | 0.02 | Dec 31, 2004 | FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in the ar_file (auto-reply) parameter. | |||
| CVE-2003-1528 | 0.00 | — | 0.00 | Dec 31, 2003 | nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. | |||
| CVE-2001-0910 | 0.00 | — | 0.02 | Nov 21, 2001 | Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse… | |||
| CVE-1999-1139 | 0.00 | — | 0.00 | Sep 1, 1997 | Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. |
- CVE-2005-2109Jul 5, 2005risk 0.00cvss —epss 0.03
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
- CVE-2005-1810Jun 1, 2005risk 0.00cvss —epss 0.03
SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.
- CVE-2005-1687May 20, 2005risk 0.00cvss —epss 0.02
SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter.
- CVE-2005-1102May 2, 2005risk 0.00cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post.
- CVE-2004-1431Dec 31, 2004risk 0.00cvss —epss 0.02
FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in the ar_file (auto-reply) parameter.
- CVE-2003-1528Dec 31, 2003risk 0.00cvss —epss 0.00
nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file.
- CVE-2001-0910Nov 21, 2001risk 0.00cvss —epss 0.02
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse…
- CVE-1999-1139Sep 1, 1997risk 0.00cvss —epss 0.00
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
Page 655 of 655