NVD

Id
6498  
Name
CVE-2008-6767  
Description
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2009-04-28  
Modified Date
2009-08-26  
Seq
2008-6767  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
37742 6498 CVE-2008-6767 20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS  View
37743 6498 CVE-2008-6767 DSA-1871  View
37744 6498 CVE-2008-6767 wordpress-upgrade-sec-bypass(50384)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
44571 JVNDB-2009-005578 WordPress の wp-admin/upgrade.php におけるアプリケーションをアップグレードされる脆弱性 WordPress の wp-admin/upgrade.php には、アプリケーションをアップグレードされる、およびサービス運用妨害 (アプリケーションの停止) 状態となる脆弱性が存在します。 CVE-2008-6767 36880 CVE-2008-6767 6498 10 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005578.html 2009-04-28 2012-12-20 View