CVE-2007-1277: CVE-2007-1277

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-1277

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

WordPress 2.1.1远程命令执行后门漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

WordPress是一款免费的论坛Blog系统。 WordPress提供软件下载的网站被入侵，入侵者修改了软件代码码植入远程可执行命令的后门，远程攻击者可能利用这个后门以Web进程权限在安装了恶意版本WordPress的服务器上执行任意命令。被修改的文件是wp-includes/feed.php和wp-includes/theme.php，被添加了如下代码：在wp-includes/feed.php文件中： function comment_text_phpfilter($filterdata) {

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-1277

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-1277

Please Login to view more intelligence information

http://ifsec.blogspot.com/2007/03/wordpress-code-compromised-to-enable.htmlx_refsource_MISC
http://wordpress.org/development/2007/03/upgrade-212/x_refsource_CONFIRM
http://secunia.com/advisories/24374third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22797vdb-entryx_refsource_BID
http://www.kb.cert.org/vuls/id/641456third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/214480third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2007/0812vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/32804vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/32807vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/461794/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-1277

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-1277

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2007-1277

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-1277

III. Intelligence Information for CVE-2007-1277

IV. Related Vulnerabilities

V. Comments for CVE-2007-1277

Leave a comment