CVE-2008-2392

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/29276", "name": "29276", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://securityreason.com/securityalert/3897", "name": "3897", "tags": ["Third Party Advisory"], "refsource": "SREASON"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42561", "name": "wordpress-writetabs-file-upload(42561)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/492230/100/0/threaded", "name": "20080519 Wordpress Malicious File Execution Vulnerability", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-2392", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-05-21T13:24Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.5.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-31T18:37Z"}