PT-2008-2241 · WordPress · Dmsguestbook
Nbbn
·
Published
2008-02-06
·
Updated
2023-08-02
·
CVE-2008-0616
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
DMSGuestbook version 1.7.0
Description
A SQL injection issue exists in the administration panel of the DMSGuestbook plugin for WordPress, allowing remote authenticated administrators to execute arbitrary SQL commands. It is unclear whether this issue crosses privilege boundaries.
Recommendations
For version 1.7.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dmsguestbook