PHP Remote File Inclusion Vulnerability in Sniplets Plugin for WordPress
CVE-2008-1059

Currently unrated

Key Information:

Vendor

Wordpress
Status
Sniplets Plugin
Vendor
CVE Published:
28 February 2008

What is CVE-2008-1059?

The Sniplets plugin for WordPress versions 1.1.2 and 1.2.2 contains a PHP remote file inclusion vulnerability found in the modules/syntax_highlight.php file. This flaw allows remote attackers to execute arbitrary PHP code by manipulating the 'libpath' parameter within the request URL. Successful exploitation of this vulnerability could lead to unauthorized access and control over affected WordPress installations, putting sensitive data and site integrity at risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/29099
third-party-advisoryx_refsource_SECUNIA
https://www.exploit-db.com/exploits/5194
exploitx_refsource_EXPLOIT-DB
https://exchange.xforce.ibmcloud.com/vulnerabilities/40829
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.