CVE-2007-5229
published 2007-10-05CVE-2007-5229: Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog…
PriorityP431medium6.4CVSS 2.0
AVNACLAuNCPIPAN
EXPLOIT
EPSS
4.90%
91.0th percentile
Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog feeds via a request to wp-admin/options-general.php that submits parameter values to FeedBurner_FeedSmith_Plugin.php, as demonstrated by the (1) feedburner_url and (2) feedburner_comments_url parameters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| feedburner | feedsmith | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
WordPress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
exploitdb·2007-10-04
CVE-2007-5229 WordPress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
WordPress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
---
source: https://www.securityfocus.com/bid/25921/info
FeedBurner FeedSmith is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to use a victim's currently active session to perform actions with the application.
This issue affects FeedBurner FeedSmith 2.2; other versions may also be affected.
// Simple Proof of Concept Exploit for FeedSmith Feedburner CSRF Hijacking
// Tested on version 2.2.
t='http://www.example.com/wordpress/wp-admin/options-general.php?
page=FeedBurner_FeedSmith_Plugin.php';
p='redirect=true&feedburner_url=http://www.example2.com/with/new/feed&
feedburner_comments_url=http://www.example3.com/with/new/feed';
feedburner_csrf = func
Exploit-DB
Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
exploitdb·2007-02-13·CVSS 5.0
CVE-2006-5229 [MEDIUM] Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
---
#!/bin/bash
#
# $Id: raptor_sshtime,v 1.1 2007/02/13 16:38:57 raptor Exp $
#
# raptor_sshtime - [Open]SSH remote timing attack exploit
# Copyright (c) 2006 Marco Ivaldi
#
# OpenSSH-portable 3.6.1p1 and earlier with PAM support enabled immediately
# sends an error message when a user does not exist, which allows remote
# attackers to determine valid usernames via a timing attack (CVE-2003-0190).
#
# OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions,
# and possibly under limited configurations, allows remote attackers to
# determine valid usernames via timing discrepancies in which responses take
# longer for valid usernames than invalid ones, as demonstrated by sshtime.
# NOTE: as of 20061014, it appears
No writeups or analysis indexed.
http://blogs.feedburner.com/feedburner/archives/2007/10/the_feedsmith_plugin_newly_for.phphttp://blogsecurity.net/wordpress/feedburner-feed-hijacking/http://blogsecurity.net/wordpress/feedsmith-feedburner-vulnerability-fixed/http://marc.info/?l=full-disclosure&m=119145344606493&w=2http://secunia.com/advisories/27055http://www.securityfocus.com/bid/25921https://exchange.xforce.ibmcloud.com/vulnerabilities/36940https://www.exploit-db.com/exploits/30637/http://blogs.feedburner.com/feedburner/archives/2007/10/the_feedsmith_plugin_newly_for.phphttp://blogsecurity.net/wordpress/feedburner-feed-hijacking/http://blogsecurity.net/wordpress/feedsmith-feedburner-vulnerability-fixed/http://marc.info/?l=full-disclosure&m=119145344606493&w=2http://secunia.com/advisories/27055http://www.securityfocus.com/bid/25921https://exchange.xforce.ibmcloud.com/vulnerabilities/36940https://www.exploit-db.com/exploits/30637/
2007-10-05
Published