| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-3238 | 6.0 |
Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI) to wp-admin/themes.php, a different vuln
|
16-10-2018 - 16:47 | 15-06-2007 - 01:30 | |
| CVE-2007-2821 | 7.5 |
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter.
|
16-10-2018 - 16:45 | 22-05-2007 - 21:30 | |
| CVE-2008-0194 | 7.5 |
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.p
|
15-10-2018 - 21:58 | 10-01-2008 - 00:46 | |
| CVE-2008-0193 | 4.3 |
Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp
|
15-10-2018 - 21:58 | 10-01-2008 - 00:46 |