xmlrpc.php file enabled - data.gov

Disclosed: 2019-08-19 17:02:17 By zddw To gsa_bbp
Medium
Vulnerability Details
WordPress sites that have xmlrpc.php enabled for pingbacks, trackbacks, etc. can be made a part of a huge botnet causing a major DDoS. This website, www.data.gov, has the xmlrpc.php file enabled.

## Impact

This can be automated from multiple hosts and be used to cause a mass DDoS attack on the victim.
Report Stats
  • Report ID: 673384
  • State: Closed
  • Substate: duplicate
  • Upvotes: 10
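
A defender-side check for the pingback abuse the report describes, as an added example that is not part of the original report: it parses XML-RPC request bodies (for instance, as logged by a proxy or WAF in front of xmlrpc.php) and reports hosts that recur as the `sourceURI` of `pingback.ping` calls, which is the URI the receiving site fetches to verify the link. The function names, the threshold and the sample hosts are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from collections import Counter
from urllib.parse import urlsplit

def parse_pingback(body: bytes):
    """Return (method, source_uri, target_uri) from an XML-RPC request body."""
    # XML-RPC needs no DTD; refuse such bodies unparsed (entity-expansion guard).
    if re.search(rb"<!\s*(DOCTYPE|ENTITY)", body, re.I):
        return ("rejected-dtd", None, None)
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return ("malformed", None, None)
    method = (root.findtext("methodName") or "").strip()
    if method != "pingback.ping":
        return (method, None, None)
    # pingback.ping(sourceURI, targetURI): two string params in that order.
    args = [(p.findtext("value/string") or p.findtext("value") or "").strip()
            for p in root.findall("params/param")]
    if len(args) != 2:
        return ("malformed", None, None)
    return (method, args[0], args[1])

def pingback_source_hosts(bodies, threshold=3):
    """Hosts named as sourceURI in at least `threshold` pingback.ping calls."""
    hosts = Counter()
    for body in bodies:
        method, source, _ = parse_pingback(body)
        if method == "pingback.ping" and source:
            hosts[urlsplit(source).hostname or "?"] += 1
    return {h: n for h, n in hosts.items() if n >= threshold}

def _ping(source, target):  # builds a constructed sample request body
    return (f"<?xml version='1.0'?><methodCall><methodName>pingback.ping</methodName>"
            f"<params><param><value><string>{source}</string></value></param>"
            f"<param><value><string>{target}</string></value></param></params>"
            f"</methodCall>").encode()

# Constructed sample bodies (not captured traffic); hosts are placeholders.
SAMPLE = [_ping(f"http://thirdparty.example/?{i}", "https://blog.example/post-1")
          for i in range(4)]
SAMPLE.append(_ping("http://friend.example/article", "https://blog.example/post-2"))
SAMPLE.append(b"<?xml version='1.0'?><methodCall><methodName>system.listMethods"
              b"</methodName><params/></methodCall>")
SAMPLE.append(b"<!DOCTYPE x [<!ENTITY a 'b'>]><methodCall/>")

if __name__ == "__main__":
    print(pingback_source_hosts(SAMPLE))
```

A single legitimate pingback stays below the threshold; a host that appears as the source of many pings in a short window is the signal to rate-limit or block requests to xmlrpc.php.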