CVE-2009-2143

Currently unrated

Key Information:

Vendor: Wordpress
Status: Firestats
Vendor: CVE Published:; 22 June 2009

Summary

PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter.

References

http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009

x_refsource_CONFIRM

http://secunia.com/advisories/35400

third-party-advisoryx_refsource_SECUNIA

https://www.exploit-db.com/exploits/8945

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Jun 22, 2009
Vulnerability Reserved
Jun 22, 2009