Lucene search

Juan Galiana LaraPATCHSTACK:D9DD06A0C5632F35C9826AFB3667EDC7

HistoryOct 15, 2009 - 12:00 a.m.

WordPress WP Forum Server Plugin <= 2.3 - Multiple SQL Injection

2009-10-1500:00:00

Juan Galiana Lara

patchstack.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Because of these vulnerabilities, the attackers can execute arbitrary SQL commands.

Solution

           Update the plugin.

CPENameOperatorVersion
wp forum  serverle2.3

CPE	Name	Operator	Version
	wp forum server	le	2.3

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3703

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Related for PATCHSTACK:D9DD06A0C5632F35C9826AFB3667EDC7