PT-2023-9862 · Unknown · The Hackers Diet Plugin

Afex · Published 2023-10-29 · Updated 2024-05-17 · CVE-2007-10003

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: The Hackers Diet Plugin versions up to 0.9.6b

Description: A critical issue has been found in the processing of the file ajax blurb.php of the component HTTP POST Request Handler. Manipulation of the argument user leads to SQL injection. The attack may be initiated remotely.

Recommendations: For The Hackers Diet Plugin versions up to 0.9.6b, upgrade to version 0.9.7b to address this issue. As a temporary workaround, consider restricting access to the ajax blurb.php file until the upgrade is applied.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2007-10003

Affected Products

The Hackers Diet Plugin