CVE-2009-4170

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP-cumulus
Vendor: CVE Published:; 2 December 2009

Summary

WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to obtain sensitive information via a crafted request to wp-cumulus.php, probably without parameters, which reveals the installation path in an error message.

References

http://websecurity.com.ua/3665/

x_refsource_MISC

http://www.securityfocus.com/archive/1/508071/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Dec 2, 2009
Vulnerability Reserved
Dec 2, 2009