WordPress cat Parameter Directory Traversal Vulnerability

Summary
The host is running WordPress and is prone to a directory traversal vulnerability.
Impact
A successful attack could lead to execution of arbitrary PHP code and to disclosure of sensitive information. Impact Level: Application
Solution
Update to WordPress version 2.5.1 or later: http://wordpress.org/
Insight
The flaw is due to improper validation of input passed via the cat parameter to index.php: the value is not properly sanitized in the get_category_template() function.
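
As an added example (not part of the original advisory and not WordPress code), the following Python code flags access-log requests to index.php whose cat parameter is anything other than a plain category ID, including values hidden behind repeated percent-encoding. The combined log format, the sample lines, the function names and the rule that a legitimate value is a signed, comma-separated list of integers are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumption: a legitimate cat value is a category ID list such as "7" or "3,-9".
LEGIT_CAT = re.compile(r"-?\d+(,-?\d+)*")
# Request line of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = [
    '203.0.113.5 - - [28/Mar/2017:10:00:01 +0000] "GET /index.php?cat=7 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [28/Mar/2017:10:00:02 +0000] "GET /?cat=3,-9 HTTP/1.1" 200 4096',
    '198.51.100.9 - - [28/Mar/2017:10:00:03 +0000] "GET /index.php?cat=%2e%2e%2fexample HTTP/1.1" 200 312',
    '198.51.100.9 - - [28/Mar/2017:10:00:04 +0000] "GET /blog/index.php?cat=1%252f..%252fexample HTTP/1.1" 200 312',
]

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is seen in its final form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_cat_values(log_line):
    """Return the decoded cat values in one log line that are not plain category IDs."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    # A request for a directory is served by its index.php as well.
    if not (url.path.endswith("/") or url.path.endswith("/index.php")):
        return []
    # parse_qs removes one layer of percent-encoding; fully_decode removes the rest.
    values = (fully_decode(v) for v in parse_qs(url.query).get("cat", []))
    return [v for v in values if not LEGIT_CAT.fullmatch(v)]

def scan(lines):
    """Return (line_number, values) for every line carrying a non-ID cat value."""
    hits = ((n, suspicious_cat_values(line)) for n, line in enumerate(lines, 1))
    return [(n, values) for n, values in hits if values]

if __name__ == "__main__":
    for number, values in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious cat value(s): {values}")
```

A hit means the request carried input the category template lookup should never receive; whether the host was actually affected depends on the installed WordPress version.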
Affected
WordPress 2.3.3 and earlier.

Updated on 2017-03-28