Summary
This host has Wordpress installed and is prone to Multiple Vulnerabilities.
Impact
Attackers can exploit this issue to causes denial of service or to redirect the URL to any malicious website and conduct phishing attacks.
Impact Level: Application
Solution
Upgrade your wordpress to the latest version 2.7.1 http://wordpress.org
Insight
Multiple flaws are due to lack of sanitization in user supplied data which can be exploited through 'wp-admin/upgrade.php' via a direct request and 'wp-admin/upgrade.php' via a URL in the backto parameter.
Affected
Wordpress version 2.6.x
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-6762, CVE-2008-6767 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
- Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability
- AdaptBB Multiple Input Validation Vulnerabilities
- Advantech WebAccess Multiple Vulnerabilities
- Apache Archiva Multiple Remote Command Execution Vulnerabilities