Description

SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.

Remediation

References

CVE-2008-0616

Related Vulnerabilities

WordPress Plugin WP Customer Area Cross-Site Scripting (7.4.2)

WordPress Plugin Translate WordPress with GTranslate Cross-Site Scripting (2.8.51)

Joomla Improper Authentication Vulnerability (CVE-2022-23795)

PHP Other Vulnerability (CVE-2007-1375)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5610)

Severity

Medium

Classification

CVE-2008-0616 CWE-138

Tags

Missing Update Known Vulnerabilities