CVE-2006-3389
EPSS 1.2%
描述
index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information.
如何修補 CVE-2006-3389
要修補 CVE-2006-3389,請將受影響套件升級到下列已修補版本。
- Debian/wordpress—升級至 2.0.4-1 或更新版本
CVE-2006-3389 正在被利用嗎?
低 — EPSS 為 1.2%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 2.0.4-1