Sql injection

2013-05-1021:55:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.6%

JSON

SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the theme parameter.

CPENameOperatorVersion
spider_video_playereq2.1

CPE	Name	Operator	Version
	spider_video_player	eq	2.1

References

osvdb.org/92264

packetstormsecurity.com/files/121250/WordPress-Spider-Video-Player-2.1-SQL-Injection.html

packetstormsecurity.com/files/128851/WordPress-HTML5-Flash-Player-SQL-Injection.html

www.securityfocus.com/bid/59021

www.securityfocus.com/bid/70763

exchange.xforce.ibmcloud.com/vulnerabilities/83374

exchange.xforce.ibmcloud.com/vulnerabilities/98332