| VID |
210095 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The WordPress program is vulnerable to an SQL injection vulnerability via the adclick.php script in the AdServe plugin. WordPress is a freely available PHP-based publication program that uses a MySQL backend database. WWordPress Adserve plugin for WordPress version 0.2 and other versions could allow a remote attacker to execute arbitrary SQL commands, caused by improper filtering of user-supplied input passed to the 'id' parameter of the 'adclick.php' script. Regardless of PHP's 'magic_quotes_gpc' setting, a remote attacker could exploit this vulnerability to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* References:
http://www.milw0rm.com/exploits/5013
http://www.frsirt.com/english/advisories/2008/0364
http://secunia.com/advisories/28708
* Platforms Affected:
WordPress Adserve plugin for WordPress version 0.2 and other versions
Any operating system Any version |
| Recommendation |
No upgrade or patch available as of February 2008.
As a workaround, edit the source code to ensure that input is properly sanitized. |
| Related URL |
CVE-2008-0507 (CVE) |
| Related URL |
27504 (SecurityFocus) |
| Related URL |
40045 (ISS) |
|
