4 matches found
CVE-2009-2144
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
FireStats Unspecified SQL Injection Vulnerability
FireStats is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlyin...
FireStats < 1.6.2 Multiple Vulnerabilities
According to its version number, the install of FireStats running on the remote host is affected by multiple vulnerabilities : - A remote file include vulnerability in the 'fsjavascript' parameter of 'firestats-wordpress.php'. CVE-2009-2143 - An unspecified SQL injection vulnerability...
CVE-2009-2144
The CVE-2009-2144 entry concerns the FireStats WordPress plugin. Affected: FireStats prior to version 1.6.2-stable. Vulnerability type: SQL injection due to improper handling of user-supplied data in the plugin, allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. ...