Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5 (CVSS v2 base score; vector AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE Id CVE-2011-1047
Last Modified 22 Sep 2011 12:00:00
Published 21 Feb 2011 02:00:01
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1047

Summary

Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.
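Each of the three vectors in the summary is a query parameter that reaches a database query without proper handling, so the requests that exercise them are visible in ordinary web-server access logs. The following Python script is an added example, not code from Lumension, VastHTML or the plugin: it parses access-log lines, picks out requests to index.php with action=search (search_max), index.php with action=editpost (id) and feed.php (topic), and flags any of those parameters whose value is not a plain integer. Two assumptions are made and are not stated on this page: that the three parameters carry integers in legitimate use, and that the plugin scripts are reached under the paths shown in the constructed sample log lines (matching uses only the script name and the parameters, not the directory prefix, so other layouts still match).

```python
"""Flag access-log requests that touch the three CVE-2011-1047 injection
vectors with a non-integer value.

Added example; not code from Lumension, VastHTML or the Forum Server
plugin.  Assumptions (not from the advisory): search_max, id and topic
are integer parameters in normal use, and the plugin scripts are reached
by their script name (index.php / feed.php) regardless of directory.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample log lines (Apache-style). Three are benign, three carry
# non-integer values in the parameters named by the CVE description.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Feb/2011:10:01:22 +0000] "GET /wp-content/plugins/forum-server/index.php?action=search&search_max=10 HTTP/1.1" 200 512
10.0.0.7 - - [10/Feb/2011:10:02:03 +0000] "GET /wp-content/plugins/forum-server/index.php?action=search&search_max=10%20UNION%20SELECT%20user_login,user_pass%20FROM%20wp_users HTTP/1.1" 200 2048
10.0.0.7 - - [10/Feb/2011:10:02:40 +0000] "GET /wp-content/plugins/forum-server/index.php?action=editpost&id=5%27%20OR%201=1-- HTTP/1.1" 200 900
10.0.0.9 - - [10/Feb/2011:10:03:11 +0000] "GET /wp-content/plugins/forum-server/feed.php?topic=3 HTTP/1.1" 200 700
10.0.0.7 - - [10/Feb/2011:10:03:45 +0000] "GET /wp-content/plugins/forum-server/feed.php?topic=3%20AND%20SLEEP(5) HTTP/1.1" 200 700
10.0.0.9 - - [10/Feb/2011:10:04:00 +0000] "GET /index.php?p=12 HTTP/1.1" 200 3000
"""

# (script name, required value of the "action" parameter or None, parameter),
# one entry per vector listed in the CVE description.
VECTORS = [
    ("index.php", "search", "search_max"),
    ("index.php", "editpost", "id"),
    ("feed.php", None, "topic"),
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d+)'
)
INTEGER = re.compile(r"^\d+$")


def classify(url):
    """Return (parameter, decoded value) when the URL hits one of the three
    vectors with a value that is not a plain integer; otherwise None."""
    parts = urlsplit(url)
    script = parts.path.rsplit("/", 1)[-1]
    # parse_qs percent-decodes values, so encoded quotes and spaces are
    # compared in their decoded form.
    qs = parse_qs(parts.query, keep_blank_values=True)
    action = qs.get("action", [None])[0]
    for v_script, v_action, param in VECTORS:
        if script != v_script or param not in qs:
            continue
        if v_action is not None and action != v_action:
            continue
        value = qs[param][0]
        if not INTEGER.match(value):
            return param, value
    return None


def scan(log_text):
    """Return a list of (client ip, parameter, decoded value) for every
    flagged request in the log text, in log order."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip it
        hit = classify(m.group("url"))
        if hit:
            hits.append((m.group("ip"), hit[0], hit[1]))
    return hits


if __name__ == "__main__":
    for ip, param, value in scan(SAMPLE_LOG):
        print(f"{ip}\t{param}\t{value!r}")
```

Run against the constructed sample, the script reports the three requests from 10.0.0.7 and nothing else. The integer check is deliberately strict rather than looking for SQL keywords: any non-numeric value in a parameter that should be a number is worth a look, whether or not it contains a recognisable payload.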

Vulnerable Systems

Application

  • VastHTML Forum Server (ForumPress) 1.6.1

  • VastHTML Forum Server (ForumPress) 1.6.5

References

BID - 46362

BUGTRAQ - 20110210 HTB22851: SQL Injection in WP Forum Server wordpress plugin

BUGTRAQ - 20110210 HTB22852: SQL Injection in WP Forum Server wordpress plugin

MISC - http://www.htbridge.ch/advisory/sql_injection_in_wp_forum_server_wordpress_plugin_2.html

MISC - http://www.htbridge.ch/advisory/sql_injection_in_wp_forum_server_wordpress_plugin_1.html

MISC - http://www.htbridge.ch/advisory/sql_injection_in_wp_forum_server_wordpress_plugin.html

SREASON - 8099

SECUNIA - 43306

OSVDB - 70994

OSVDB - 70993


Last Updated: 27 May 2016 10:56:08