Published: 12/02/2008 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin prior to 3.72 for Wordpress allows remote malicious users to execute arbitrary SQL commands via the id parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordspew
wordpress wordspew 3.7
wordpress wordspew 3.31
wordpress wordspew 3.3
wordpress wordspew 3.01
wordpress wordspew 3.0
wordpress wordspew 2.85
wordpress wordspew 2.8
wordpress wordspew 2.2
wordpress wordspew 2.1
wordpress wordspew 3.6
wordpress wordspew 3.52
wordpress wordspew 3.2
wordpress wordspew 3.16
wordpress wordspew 2.95
wordpress wordspew 2.94
wordpress wordspew 2.7
wordpress wordspew 2.6
wordpress wordspew 2.0
wordpress wordspew 1.8
wordpress wordspew 1.7
wordpress wordspew 3.33
wordpress wordspew 3.32
wordpress wordspew 3.021
wordpress wordspew 3.02
wordpress wordspew 2.91
wordpress wordspew 2.9
wordpress wordspew 2.31
wordpress wordspew 2.3
wordpress wordspew 3.51
wordpress wordspew 3.34
wordpress wordspew 3.15
wordpress wordspew 3.1
wordpress wordspew 3.022
wordpress wordspew 2.93
wordpress wordspew 2.92
wordpress wordspew 2.5
wordpress wordspew 2.32
wordpress wordspew 1.6

######################################################################### # # Wordpress Plugin (wordspew-rssphp) SQL Injection # ######################################################################### # # AUTHOR : S@BUN # # HOME : wwwhackturkiyecom/ ######################################################################### DORK 1 : all ...

CWE-89 http://secunia.com/advisories/28767 http://pierre.sudarovich.free.fr/index.php/2006/02/28/ajax-shoutbox/http://www.securityfocus.com/bid/27583 https://www.exploit-db.com/exploits/5039 https://nvd.nist.gov https://www.exploit-db.com/exploits/5039/

CVE-2008-0682

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect