Lucene search
HistoryMay 15, 2015 - 6:59 p.m.
CVE-2015-3325
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
41.7%
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI.
Affected configurations
Node
wpsymposiumwp_symposiumRange≤15.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpsymposium | wp_symposium | * | cpe:2.3:a:wpsymposium:wp_symposium:*:*:*:*:*:wordpress:*:* |
Related
exploitdb
exploitdb
WordPress Plugin WP Symposium 15.1 - '&show=' SQL Injection
2015-05-21 00:00:00
packetstorm
packetstorm
WordPress WP Symposium 15.1 SQL Injection
2015-05-07 00:00:00
dsquare
dsquare
Wordpress WP Symposium 15.1 SQL Injection
2016-01-12 00:00:00
wpvulndb
wpvulndb
WP Symposium <= 15.1 - SQL Injection
2015-04-14 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2015-3325
2015-05-15 18:00:00
cve
cve
CVE-2015-3325
2015-05-15 18:59:01
prion
prion
Sql injection
2015-05-15 18:59:00
exploitpack
exploitpack
WordPress Plugin WP Symposium 15.1 - show SQL Injection
2015-05-21 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
41.7%
Related for NVD:CVE-2015-3325