|
|
Log in / Subscribe / Register

wordpress: arbitrary command execution

Package(s):wordpress CVE #(s):CVE-2006-2667 CVE-2006-2702
Created:June 12, 2006 Updated:June 14, 2006
Description: WordPress insufficiently checks the format of cached username data. An attacker could exploit this vulnerability to execute arbitrary commands by sending a specially crafted username. As of Wordpress 2.0.2 the user data cache is disabled as the default.
Alerts:
Gentoo 200606-08 wordpress 2006-06-09
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds