Description

SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.

Remediation

References

CVE-2008-0616

Related Vulnerabilities

WordPress Plugin Woocommerce CSV importer Arbitrary File Deletion (3.3.6)

MySQL CVE-2015-4771 Vulnerability (CVE-2015-4771)

WordPress Plugin Rise Blocks-A Complete Gutenberg Page Builder Unspecified Vulnerability (1.0.0)

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)

WebLogic CVE-2018-2987 Vulnerability (CVE-2018-2987)

Severity

Medium

Classification

CVE-2008-0616 CWE-138

Tags

Missing Update Known Vulnerabilities