CVE

Id
39867  
CVE No.
CVE-2009-2432  
Status
Candidate  
Description
WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message.  
Phase
Assigned (20090710)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
437955 39867 CVE-2009-2432 BUGTRAQ:20090708 CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information  View
437956 39867 CVE-2009-2432 URL:http://www.securityfocus.com/archive/1/archive/1/504795/100/0/threaded  View
437957 39867 CVE-2009-2432 MISC:http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked  View
437958 39867 CVE-2009-2432 OSVDB:55717  View
437959 39867 CVE-2009-2432 URL:http://www.osvdb.org/55717  View
437960 39867 CVE-2009-2432 SECTRACK:1022528  View
437961 39867 CVE-2009-2432 URL:http://securitytracker.com/id?1022528  View
437962 39867 CVE-2009-2432 VUPEN:ADV-2009-1833  View
437963 39867 CVE-2009-2432 URL:http://www.vupen.com/english/advisories/2009/1833  View
437964 39867 CVE-2009-2432 XF:wordpress-wpsettings-path-disclosure(51734)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
45151 JVNDB-2009-006158 Online Dating Software MyPHPDating の page.php における SQL インジェクションの脆弱性 Online Dating Software MyPHPDating の page.php には、SQL インジェクションの脆弱性が存在します。 CVE-2009-2436 39867 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006158.html  View