CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-0191

WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
http://securityreason.com/securityalert/3539
http://securityvulns.ru/Sdocument663.html
http://websecurity.com.ua/1634/
http://www.securityfocus.com/archive/1/485786/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/39423
http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
http://securityreason.com/securityalert/3539
http://securityvulns.ru/Sdocument663.html
http://websecurity.com.ua/1634/
http://www.securityfocus.com/archive/1/485786/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/39423

Products affected by CVE-2008-0191

Wordpress » Wordpress » Version: 2.2

cpe:2.3:a:wordpress:wordpress:2.2
Wordpress » Wordpress » Version: 2.3

cpe:2.3:a:wordpress:wordpress:2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-0191

Products

Pricing

Contact Us