Lucene search
MitreCVE-2008-0682HistoryFeb 12, 2008 - 1:00 a.m.
CVE-2008-0682
2008-02-1201:00:00
CWE-89
mitre
web.nvd.nist.gov
23
cve-2008-0682
sql injection
wordspew plugin
wordpress
remote attackers
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.002
Percentile
61.2%
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected configurations
Node
wordpresswordspewRange≤3.71
ORwordpresswordspewMatch1.6
ORwordpresswordspewMatch1.7
ORwordpresswordspewMatch1.8
ORwordpresswordspewMatch2.0
ORwordpresswordspewMatch2.1
ORwordpresswordspewMatch2.2
ORwordpresswordspewMatch2.3
ORwordpresswordspewMatch2.5
ORwordpresswordspewMatch2.6
ORwordpresswordspewMatch2.7
ORwordpresswordspewMatch2.8
ORwordpresswordspewMatch2.9
ORwordpresswordspewMatch2.31
ORwordpresswordspewMatch2.32
ORwordpresswordspewMatch2.85
ORwordpresswordspewMatch2.91
ORwordpresswordspewMatch2.92
ORwordpresswordspewMatch2.93
ORwordpresswordspewMatch2.94
ORwordpresswordspewMatch2.95
ORwordpresswordspewMatch3.0
ORwordpresswordspewMatch3.01
ORwordpresswordspewMatch3.1
ORwordpresswordspewMatch3.2
ORwordpresswordspewMatch3.02
ORwordpresswordspewMatch3.3
ORwordpresswordspewMatch3.6
ORwordpresswordspewMatch3.7
ORwordpresswordspewMatch3.15
ORwordpresswordspewMatch3.16
ORwordpresswordspewMatch3.021
ORwordpresswordspewMatch3.022
ORwordpresswordspewMatch3.31
ORwordpresswordspewMatch3.32
ORwordpresswordspewMatch3.33
ORwordpresswordspewMatch3.34
ORwordpresswordspewMatch3.51
ORwordpresswordspewMatch3.52
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wordpress | wordspew | * | cpe:2.3:a:wordpress:wordspew:*:*:*:*:*:*:*:* |
| wordpress | wordspew | 1.6 | cpe:2.3:a:wordpress:wordspew:1.6:*:*:*:*:*:*:* |
| wordpress | wordspew | 1.7 | cpe:2.3:a:wordpress:wordspew:1.7:*:*:*:*:*:*:* |
| wordpress | wordspew | 1.8 | cpe:2.3:a:wordpress:wordspew:1.8:*:*:*:*:*:*:* |
| wordpress | wordspew | 2.0 | cpe:2.3:a:wordpress:wordspew:2.0:*:*:*:*:*:*:* |
| wordpress | wordspew | 2.1 | cpe:2.3:a:wordpress:wordspew:2.1:*:*:*:*:*:*:* |
| wordpress | wordspew | 2.2 | cpe:2.3:a:wordpress:wordspew:2.2:*:*:*:*:*:*:* |
| wordpress | wordspew | 2.3 | cpe:2.3:a:wordpress:wordspew:2.3:*:*:*:*:*:*:* |
| wordpress | wordspew | 2.5 | cpe:2.3:a:wordpress:wordspew:2.5:*:*:*:*:*:*:* |
| wordpress | wordspew | 2.6 | cpe:2.3:a:wordpress:wordspew:2.6:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
WordPress Plugin Wordspew - SQL Injection
2008-02-02 00:00:00
nvd
nvd
CVE-2008-0682
2008-02-12 01:00:00
prion
prion
Sql injection
2008-02-12 01:00:00
wpvulndb
wpvulndb
Wordspew - Remote SQL Injection
2014-08-01 00:00:00
cvelist
cvelist
CVE-2008-0682
2008-02-12 00:00:00
patchstack
patchstack
WordPress Wordspew Plugin <= 3.7.1 - SQL Injection
2008-02-11 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.002
Percentile
61.2%
Related for CVE-2008-0682