Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2005-2109

wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.

PublishedJul 05, 2005, 04:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://marc.info/?l=bugtraq&m=112006967221438&w=2
http://secunia.com/advisories/15831
http://www.gulftech.org/?node=research&article_id=00085-06282005

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

Vector String

AV:N/AC:L/Au:N/C:N/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)