CVE-2009-3703 - Vulnerability Details - OpenCVE

Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fahlstad	Wp-forum
Wordpress	Wordpress

Configuration 1 [-]

AND

OR	cpe:2.3:a:fahlstad:wp-forum::::::::
	cpe:2.3:a:fahlstad:wp-forum:1.5:::::::*
	cpe:2.3:a:fahlstad:wp-forum:1.6:::::::*
	cpe:2.3:a:fahlstad:wp-forum:1.7:::::::*
	cpe:2.3:a:fahlstad:wp-forum:1.7.3:::::::*
	cpe:2.3:a:fahlstad:wp-forum:1.7.4:::::::*
	cpe:2.3:a:fahlstad:wp-forum:1.7.8:::::::*
	cpe:2.3:a:fahlstad:wp-forum:1.8:::::::*
	cpe:2.3:a:fahlstad:wp-forum:2.0:::::::*
	cpe:2.3:a:fahlstad:wp-forum:2.1:::::::*

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/archive/1/508504/100/0/threaded
http://www.securityfocus.com/bid/37357

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-12-18T19:00:00

Updated: 2024-08-07T06:38:30.209Z

Reserved: 2009-10-15T00:00:00

Link: CVE-2009-3703

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-12-18T19:30:00.500

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-3703

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-12-16T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "37357", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/37357"}, {"name": "20091216 [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/508504/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3703", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "37357", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37357"}, {"name": "20091216 [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/508504/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T06:38:30.209Z"}, "title": "CVE Program Container", "references": [{"name": "37357", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/37357"}, {"name": "20091216 [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/508504/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-3703", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-10-15T00:00:00", "dateUpdated": "2024-08-07T06:38:30.209Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fahlstad:wp-forum:*:*:*:*:*:*:*:*", "matchCriteriaId": "1565D880-7E80-41A3-8195-88F3F5D7F72B", "versionEndIncluding": "2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "98445733-1C33-4395-AC1A-4E868D2CCAC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "62E080D2-696D-4544-916E-EB80FBE9F77B", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "60063708-9783-43B7-A54A-901D14CBD6F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5987635-99C6-4EAD-A6DB-C5587308BA6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "24761E14-6295-483D-85D6-6A7FE5DBEDAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "93719296-DB05-48C1-A2B5-32828DD169E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9F51B17F-9582-4B7E-9FB3-F495414D3CC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C589E6AD-ECFA-4143-ABD6-DD1204F0E7BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:fahlstad:wp-forum:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F300AB0F-938B-4EE5-BDB1-3CBF1C290F48", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "847DA578-4655-477E-8A6F-99FBE738E4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en el plugin WP-Forum para WordPress antes de v2.4 permiten a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de (1) el par\u00e1metro 'search_max' en una acci\u00f3n de b\u00fasqueda a la URI por defecto, en relaci\u00f3n con wpf.class.php; (2) el par\u00e1metro 'forum' a un componente no especificado, en relaci\u00f3n con wpf.class.php; (3) el par\u00e1metro 'topic' en una acci\u00f3n de la vista del Foro de la URI por defecto, en relacion con la funci\u00f3n remove_topic en wpf.class.php, o el par\u00e1metro 'id' en una acci\u00f3n (4) 'editpost' o (5) 'viewtopic' a la URI por defecto, en relaci\u00f3n con wpf-post.php."}], "id": "CVE-2009-3703", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-12-18T19:30:00.500", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/508504/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/37357"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/508504/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/37357"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}