2 matches found
CVE-2009-2144
The CVE-2009-2144 entry concerns the FireStats WordPress plugin. Affected: FireStats prior to version 1.6.2-stable. Vulnerability type: SQL injection due to improper handling of user-supplied data in the plugin, allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
CVE-2009-2143
CVE-2009-2143 affects the FireStats WordPress plugin prior to 1.6.2-stable. A remote file inclusion exists in the fs_javascript parameter of firestats-wordpress.php , allowing an attacker to execute arbitrary PHP code by supplying a URL. The vulnerability stems from insufficient input handling, e...