CVE-2006-3390
EPSS 1.4%
描述
WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables.
如何修補 CVE-2006-3390
要修補 CVE-2006-3390,請將受影響套件升級到下列已修補版本。
- Debian/wordpress—升級至 2.0.4-1 或更新版本
CVE-2006-3390 正在被利用嗎?
低 — EPSS 為 1.4%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 2.0.4-1