Описание
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-1047
- http://osvdb.org/70993
- http://osvdb.org/70994
- http://secunia.com/advisories/43306
- http://securityreason.com/securityalert/8099
- http://www.htbridge.ch/advisory/sql_injection_in_wp_forum_server_wordpress_plugin.html
- http://www.htbridge.ch/advisory/sql_injection_in_wp_forum_server_wordpress_plugin_1.html
- http://www.htbridge.ch/advisory/sql_injection_in_wp_forum_server_wordpress_plugin_2.html
- http://www.securityfocus.com/archive/1/516400/100/0/threaded
- http://www.securityfocus.com/archive/1/516402/100/0/threaded
- http://www.securityfocus.com/bid/46362
Связанные уязвимости
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.