CVE-2009-2143
Last modified
CVE-2009-2143 is a vulnerability of currently unknown severity. PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter.. EPSS estimates a 2.82% chance of exploitation in the next 30 days.
Description
PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Firestats | Firestats | <= 1.6.1 | Stable |
| Firestats | Firestats | 0.9.0-beta | — |
| Firestats | Firestats | 0.9.1-beta | — |
| Firestats | Firestats | 0.9.2-beta | — |
| Firestats | Firestats | 0.9.3-beta | — |
| Firestats | Firestats | 0.9.4-beta | — |
| Firestats | Firestats | 0.9.5-beta | — |
| Firestats | Firestats | 0.9.6-beta | — |
| Firestats | Firestats | 0.9.7-beta | — |
| Firestats | Firestats | 0.9.8-beta | — |
| Firestats | Firestats | 0.9.9 | — |
| Firestats | Firestats | 1.0 | — |
| Firestats | Firestats | 1.0.0 | Rc1 |
| Firestats | Firestats | 1.0.1 | Rc2 |
| Firestats | Firestats | 1.0.2 | Rc3 |
| Firestats | Firestats | 1.1.1 | Rc1 |
| Firestats | Firestats | 1.1.2 | Rc2 |
| Firestats | Firestats | 1.1.3 | Rc3 |
| Firestats | Firestats | 1.1.4 | Rc5 |
| Firestats | Firestats | 1.1.5 | Stable |
| Firestats | Firestats | 1.1.6 | Stable |
| Firestats | Firestats | 1.1.7 | Stable |
| Firestats | Firestats | 1.1.8 | Stable |
| Firestats | Firestats | 1.2.0-beta | — |
| Firestats | Firestats | 1.2.1 | Rc1 |
| Firestats | Firestats | 1.2.2 | Rc2 |
| Firestats | Firestats | 1.2.3 | Rc3 |
| Firestats | Firestats | 1.2.4 | Stable |
| Firestats | Firestats | 1.3.0-beta | — |
| Firestats | Firestats | 1.3.1-beta | — |
| Firestats | Firestats | 1.3.2-beta | — |
| Firestats | Firestats | 1.3.3-beta | — |
| Firestats | Firestats | 1.3.4 | Rc1 |
| Firestats | Firestats | 1.3.5 | Rc2 |
| Firestats | Firestats | 1.3.6 | Stabe |
| Firestats | Firestats | 1.4 | — |
| Firestats | Firestats | 1.4.0-beta | — |
| Firestats | Firestats | 1.4.1-beta | — |
| Firestats | Firestats | 1.4.2-beta | — |
| Firestats | Firestats | 1.4.3 | Rc1 |
| Firestats | Firestats | 1.4.4 | Stable |
| Firestats | Firestats | 1.5 | — |
| Firestats | Firestats | 1.5.0-beta | — |
| Firestats | Firestats | 1.5.1-beta | — |
| Firestats | Firestats | 1.5.2-beta | — |
| Firestats | Firestats | 1.5.3 | Rc1 |
| Firestats | Firestats | 1.5.4 | Rc2 |
| Firestats | Firestats | 1.5.5 | Rc3 |
| Firestats | Firestats | 1.5.7 | Rc1 |
| Firestats | Firestats | 1.5.8 | Rc2 |
Showing 50 of 59 affected configurations. See NVD for the full list.
References
- http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009Patch, Vendor Advisory
- http://secunia.com/advisories/35400Vendor Advisory
- http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009Patch, Vendor Advisory
- http://secunia.com/advisories/35400Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-2143?
How severe is CVE-2009-2143?
How do I fix CVE-2009-2143?
Are you affected by CVE-2009-2143?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST