CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2108

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112006967221438&w=2
http://secunia.com/advisories/15831
http://www.gulftech.org/?node=research&article_id=00085-06282005
http://marc.info/?l=bugtraq&m=112006967221438&w=2
http://secunia.com/advisories/15831
http://www.gulftech.org/?node=research&article_id=00085-06282005

Products affected by CVE-2005-2108

Wordpress » Wordpress » Version: 1.0

cpe:2.3:a:wordpress:wordpress:1.0
Wordpress » Wordpress » Version: 1.0.1

cpe:2.3:a:wordpress:wordpress:1.0.1
Wordpress » Wordpress » Version: 1.0.2

cpe:2.3:a:wordpress:wordpress:1.0.2
Wordpress » Wordpress » Version: 1.2

cpe:2.3:a:wordpress:wordpress:1.2
Wordpress » Wordpress » Version: 1.5

cpe:2.3:a:wordpress:wordpress:1.5
Wordpress » Wordpress » Version: 1.5.1

cpe:2.3:a:wordpress:wordpress:1.5.1
Wordpress » Wordpress » Version: 1.5.1.2

cpe:2.3:a:wordpress:wordpress:1.5.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2108

Products

Pricing

Contact Us