SecurityTracker.com
SecurityTracker Archives
Category:   Application (Forum/Board/Portal)  >   WordPress
Vendors:   wordpress.org
WordPress Input Validation Flaw Lets Remote Users Inject SQL Commands and Execute Arbitrary PHP Code
SecurityTracker Alert ID:  1006937
SecurityTracker URL:  http://securitytracker.com/id/1006937
CVE Reference:   CVE-2003-1598, CVE-2003-1599
Updated:  Oct 28 2014
Original Entry Date:  Jun 6 2003
Impact:   Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Version(s): 0.7
Description:   Several vulnerabilities were reported in WordPress. A remote user can execute arbitrary code on the target server. A remote user can also inject SQL commands to gain administrative privileges on the application.

FraMe (frame at kernelpanik.org) reported that a remote user can execute commands using the '/wp-links/links.all.php' script by specifying a remote location for the $abspath variable [CVE-2003-1599]. The PHP code located at the remote location will be executed on the target server with the privileges of the web server, according to the report.

It is also reported that a remote user can inject SQL commands via the $posts variable in the '/blog.header.php' script [CVE-2003-1598]. A remote user can obtain administrative privileges on the application. This vulnerability is present in the b2 cafelog software (WordPress is an add-on to b2).

Impact:   A remote user can insert SQL commands to gain administrative privileges on the application.

A remote user can cause arbitrary PHP code, including operating system commands, to be executed on the target server with the privileges of the web server.
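The two flaw classes above (an include path taken from a request variable, and a request variable concatenated into SQL) are illustrated below with an added PHP example that is not WordPress 0.7 or b2 source code. The file name 'helpers.php', the module allow-list, the `posts` table and its columns, and the function names are all hypothetical; each vulnerable shape is shown beside a hardened form, and the hardened SQL path is run against a constructed in-memory SQLite database.

```php
<?php
declare(strict_types=1);

// Added illustration for this advisory; not WordPress 0.7 or b2 code.
// File names, module names, table and column names are hypothetical.

// ---------- 1. Include path built from request-controlled data ----------

// Vulnerable shape: $abspath is taken from the request (in PHP of that era
// register_globals let query parameters populate globals), so the include
// target can be a remote URL or an arbitrary local path. The path is
// returned rather than included so this script runs stand-alone.
function include_target_unsafe(string $abspath): string
{
    return $abspath . '/helpers.php';
}

// Hardened shape: the base directory is fixed server-side, the module name
// is allow-listed, and the resolved path must stay under the application root.
function include_target_safe(string $module, string $appRoot): string
{
    $allowed = ['helpers', 'links'];                  // hypothetical module list
    if (!in_array($module, $allowed, true)) {
        throw new InvalidArgumentException("unknown module: $module");
    }
    $root = realpath($appRoot);
    $path = realpath($appRoot . '/' . $module . '.php');
    if ($root === false || $path === false
        || strpos($path, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('include target outside application root');
    }
    return $path;
}
// Defence in depth: allow_url_include=Off (and ideally allow_url_fopen=Off)
// in php.ini stops include/require from fetching code over HTTP at all.

// ---------- 2. SQL built by concatenating a request variable ----------

// Vulnerable shape: $posts is dropped straight into the query text.
function posts_query_unsafe(string $posts): string
{
    return "SELECT ID, post_title FROM posts WHERE ID IN ($posts)";
}

// Hardened shape: accept only a comma-separated list of integers, then bind
// each value through a prepared statement instead of building query text.
function fetch_posts_safe(PDO $db, string $posts): array
{
    if (!preg_match('/^\d+(,\d+)*$/', $posts)) {
        throw new InvalidArgumentException('posts must be a comma-separated list of integers');
    }
    $ids = array_map('intval', explode(',', $posts));
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $db->prepare("SELECT ID, post_title FROM posts WHERE ID IN ($placeholders)");
    $stmt->execute($ids);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// ---------- Demo on constructed data ----------

$root = sys_get_temp_dir() . '/advisory_demo_' . getmypid();
mkdir($root);
touch($root . '/helpers.php');

echo "unsafe include target: ", include_target_unsafe('/var/www/app'), "\n";
echo "safe include target:   ", include_target_safe('helpers', $root), "\n";
try {
    include_target_safe('plugins', $root);            // not on the allow-list
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
unlink($root . '/helpers.php');
rmdir($root);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (ID INTEGER PRIMARY KEY, post_title TEXT)');
$db->exec("INSERT INTO posts VALUES (1,'hello'),(2,'second'),(3,'draft')");

echo "unsafe query text: ", posts_query_unsafe('1,2'), "\n";
print_r(fetch_posts_safe($db, '1,2'));                // two rows
try {
    fetch_posts_safe($db, '1,2 extra');               // non-numeric input
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
```

The include check relies on realpath() resolving symlinks and '..' segments before the prefix comparison, and the trailing DIRECTORY_SEPARATOR prevents a sibling directory with the same prefix from passing. For the SQL path, the regular expression is what makes the later `intval` safe; binding the values through PDO placeholders then keeps data and query text separate regardless of what the application later does with the list.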

Solution:   No solution was available at the time of this entry.
Vendor URL:  wordpress.org/
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


Source Message Contents

Subject:  WordPress 0.7 vulnerability


http://www.kernelpanik.org/docs/kernelpanik/wordpressadv.txt

FraMe (frame at kernelpanik.org) reported a vulnerability in WordPress 0.7, an add-on to the b2 blog software.

It is reported that a remote user can execute commands using the '/wp-links/links.all.php' script by specifying a remote location for the $abspath variable. The PHP code located at the remote location will be executed on the target server with the privileges of the web server, according to the report.

It is also reported that a remote user can inject SQL commands via the $posts variable in the '/blog.header.php' script. A remote user can obtain administrative privileges on the application.

http://wordpress.org/

Copyright 2019, SecurityGlobal.net LLC