TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2007-1277

N/A

Beschreibung

WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php.

CVE Details

CVSS v3.1 BewertungN/A
Veroffentlicht3/5/2007
Zuletzt geandert4/23/2026
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

wordpress:wordpress

Schwachen (CWE)

CWE-20

Referenzen

http://ifsec.blogspot.com/2007/03/wordpress-code-compromised-to-enable.html(cve@mitre.org)
http://secunia.com/advisories/24374(cve@mitre.org)
http://wordpress.org/development/2007/03/upgrade-212/(cve@mitre.org)
http://www.kb.cert.org/vuls/id/214480(cve@mitre.org)
http://www.kb.cert.org/vuls/id/641456(cve@mitre.org)
http://www.securityfocus.com/archive/1/461794/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/22797(cve@mitre.org)
http://www.vupen.com/english/advisories/2007/0812(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32804(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32807(cve@mitre.org)
http://ifsec.blogspot.com/2007/03/wordpress-code-compromised-to-enable.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24374(af854a3a-2127-422b-91ae-364da2661108)
http://wordpress.org/development/2007/03/upgrade-212/(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/214480(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/641456(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/461794/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22797(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0812(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32804(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32807(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.