Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2009-2143
HistoryJun 22, 2009 - 2:30 p.m.

CVE-2009-2143

2009-06-2214:30:00
CWE-94
mitre
web.nvd.nist.gov
30
cve-2009-2143
php
remote file inclusion
vulnerability
firestats
wordpress
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.007

Percentile

80.6%

JSON

PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter.

Affected configurations

Nvd
Node
wordpresswordpress
AND
firestatsfirestatsRange1.6.1stable
OR
firestatsfirestatsMatch0.9.0-beta
OR
firestatsfirestatsMatch0.9.1-beta
OR
firestatsfirestatsMatch0.9.2-beta
OR
firestatsfirestatsMatch0.9.3-beta
OR
firestatsfirestatsMatch0.9.4-beta
OR
firestatsfirestatsMatch0.9.5-beta
OR
firestatsfirestatsMatch0.9.6-beta
OR
firestatsfirestatsMatch0.9.7-beta
OR
firestatsfirestatsMatch0.9.8-beta
OR
firestatsfirestatsMatch0.9.9
OR
firestatsfirestatsMatch1.0
OR
firestatsfirestatsMatch1.0.0rc1
OR
firestatsfirestatsMatch1.0.1rc2
OR
firestatsfirestatsMatch1.0.2rc3
OR
firestatsfirestatsMatch1.0.2stable
OR
firestatsfirestatsMatch1.1.1rc1
OR
firestatsfirestatsMatch1.1.2rc2
OR
firestatsfirestatsMatch1.1.3rc3
OR
firestatsfirestatsMatch1.1.3rc4
OR
firestatsfirestatsMatch1.1.4rc5
OR
firestatsfirestatsMatch1.1.5stable
OR
firestatsfirestatsMatch1.1.6stable
OR
firestatsfirestatsMatch1.1.7stable
OR
firestatsfirestatsMatch1.1.8stable
OR
firestatsfirestatsMatch1.2.0-beta
OR
firestatsfirestatsMatch1.2.1rc1
OR
firestatsfirestatsMatch1.2.2rc2
OR
firestatsfirestatsMatch1.2.3rc3
OR
firestatsfirestatsMatch1.2.4stable
OR
firestatsfirestatsMatch1.3.0-beta
OR
firestatsfirestatsMatch1.3.1-beta
OR
firestatsfirestatsMatch1.3.2-beta
OR
firestatsfirestatsMatch1.3.3-beta
OR
firestatsfirestatsMatch1.3.4rc1
OR
firestatsfirestatsMatch1.3.5rc2
OR
firestatsfirestatsMatch1.3.6stabe
OR
firestatsfirestatsMatch1.4
OR
firestatsfirestatsMatch1.4.0-beta
OR
firestatsfirestatsMatch1.4.1-beta
OR
firestatsfirestatsMatch1.4.2-beta
OR
firestatsfirestatsMatch1.4.3rc1
OR
firestatsfirestatsMatch1.4.4stable
OR
firestatsfirestatsMatch1.5
OR
firestatsfirestatsMatch1.5.0-beta
OR
firestatsfirestatsMatch1.5.1-beta
OR
firestatsfirestatsMatch1.5.2-beta
OR
firestatsfirestatsMatch1.5.3rc1
OR
firestatsfirestatsMatch1.5.4rc2
OR
firestatsfirestatsMatch1.5.5rc3
OR
firestatsfirestatsMatch1.5.7rc1
OR
firestatsfirestatsMatch1.5.8rc2
OR
firestatsfirestatsMatch1.5.9rc3
OR
firestatsfirestatsMatch1.5.10rc4
OR
firestatsfirestatsMatch1.5.11stable
OR
firestatsfirestatsMatch1.5.12stable
OR
firestatsfirestatsMatch1.6
OR
firestatsfirestatsMatch1.6.0
OR
firestatsfirestatsMatch1.6.0rc1
OR
firestatsfirestatsMatch1.6.0rc2
OR
firestatsfirestatsMatch1.6.0rc3
OR
firestatsfirestatsMatch1.6.0rc4
OR
firestatsfirestatsMatch1.6.0stable
OR
firestatsfirestatsMatch1.6.0-beta1
OR
firestatsfirestatsMatch1.6.0-beta2
OR
firestatsfirestatsMatch1.6.1
VendorProductVersionCPE
wordpresswordpress*cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
firestatsfirestats*cpe:2.3:a:firestats:firestats:*:stable:*:*:*:*:*:*
firestatsfirestats0.9.0-betacpe:2.3:a:firestats:firestats:0.9.0-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.1-betacpe:2.3:a:firestats:firestats:0.9.1-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.2-betacpe:2.3:a:firestats:firestats:0.9.2-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.3-betacpe:2.3:a:firestats:firestats:0.9.3-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.4-betacpe:2.3:a:firestats:firestats:0.9.4-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.5-betacpe:2.3:a:firestats:firestats:0.9.5-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.6-betacpe:2.3:a:firestats:firestats:0.9.6-beta:*:*:*:*:*:*:*
firestatsfirestats0.9.7-betacpe:2.3:a:firestats:firestats:0.9.7-beta:*:*:*:*:*:*:*
Rows per page:
1-10 of 671

Related

cvelist 1
openvas 2
nvd 1
prion 1
patchstack 1
nessus 1
cvelist
cvelist
CVE-2009-2143
2009-06-22 14:00:00
openvas
openvas
FireStats 'firestats-wordpress.php' Remote File Include Vulnerability
2009-06-21 00:00:00
FireStats 'firestats-wordpress.php' Remote File Include Vulnerability
2009-06-21 00:00:00
nvd
nvd
CVE-2009-2143
2009-06-22 14:30:00
prion
prion
Remote file inclusion
2009-06-22 14:30:00
patchstack
patchstack
WordPress FireStats Plugin <= 1.6.1 - Remote File Inclusion
2009-06-22 00:00:00
nessus
nessus
FireStats < 1.6.2 Multiple Vulnerabilities
2009-07-07 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.007

Percentile

80.6%

JSON
Related for CVE-2009-2143
cvelist1openvas2nvd1prion1patchstack1nessus1