CVE-2009-2144
UnknownEPSS 2.05%
Last modified
CVE-2009-2144 is a vulnerability of currently unknown severity. SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.. EPSS estimates a 2.05% chance of exploitation in the next 30 days.
Description
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Edgewall | Firestats | <= 1.6.1 | Stable |
| Edgewall | Firestats | 0.9.0-beta | — |
| Edgewall | Firestats | 0.9.1-beta | — |
| Edgewall | Firestats | 0.9.2-beta | — |
| Edgewall | Firestats | 0.9.3-beta | — |
| Edgewall | Firestats | 0.9.4-beta | — |
| Edgewall | Firestats | 0.9.5-beta | — |
| Edgewall | Firestats | 0.9.6-beta | — |
| Edgewall | Firestats | 0.9.7-beta | — |
| Edgewall | Firestats | 0.9.8-beta | — |
| Edgewall | Firestats | 0.9.9 | — |
| Edgewall | Firestats | 1.0 | — |
| Edgewall | Firestats | 1.0.0 | Rc1 |
| Edgewall | Firestats | 1.0.1 | Rc2 |
| Edgewall | Firestats | 1.0.2 | Rc3 |
| Edgewall | Firestats | 1.1.1 | Rc1 |
| Edgewall | Firestats | 1.1.2 | Rc2 |
| Edgewall | Firestats | 1.1.3 | Rc3 |
| Edgewall | Firestats | 1.1.4 | Rc5 |
| Edgewall | Firestats | 1.1.5 | Stable |
| Edgewall | Firestats | 1.1.6 | Stable |
| Edgewall | Firestats | 1.1.7 | Stable |
| Edgewall | Firestats | 1.1.8 | Stable |
| Edgewall | Firestats | 1.2.0-beta | — |
| Edgewall | Firestats | 1.2.1 | Rc1 |
| Edgewall | Firestats | 1.2.2 | Rc2 |
| Edgewall | Firestats | 1.2.3 | Rc3 |
| Edgewall | Firestats | 1.2.4 | Stable |
| Edgewall | Firestats | 1.3.0-beta | — |
| Edgewall | Firestats | 1.3.1-beta | — |
| Edgewall | Firestats | 1.3.2-beta | — |
| Edgewall | Firestats | 1.3.3-beta | — |
| Edgewall | Firestats | 1.3.4 | Rc1 |
| Edgewall | Firestats | 1.3.5 | Rc2 |
| Edgewall | Firestats | 1.3.6 | Stable |
| Edgewall | Firestats | 1.4 | — |
| Edgewall | Firestats | 1.4.0-beta | — |
| Edgewall | Firestats | 1.4.1-beta | — |
| Edgewall | Firestats | 1.4.2-beta | — |
| Edgewall | Firestats | 1.4.3 | Rc1 |
| Edgewall | Firestats | 1.4.4 | Stable |
| Edgewall | Firestats | 1.5 | — |
| Edgewall | Firestats | 1.5.0-beta | — |
| Edgewall | Firestats | 1.5.1-beta | — |
| Edgewall | Firestats | 1.5.2-beta | — |
| Edgewall | Firestats | 1.5.3 | Rc1 |
| Edgewall | Firestats | 1.5.4 | Rc2 |
| Edgewall | Firestats | 1.5.5 | Rc3 |
| Edgewall | Firestats | 1.5.6-beta | — |
| Edgewall | Firestats | 1.5.7 | Rc1 |
Showing 50 of 60 affected configurations. See NVD for the full list.
References
- http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009Patch, Vendor Advisory
- http://secunia.com/advisories/35400Vendor Advisory
- http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009Patch, Vendor Advisory
- http://secunia.com/advisories/35400Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-2144?
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
How severe is CVE-2009-2144?
Severity scoring for CVE-2009-2144 is pending analysis. The EPSS model estimates a 2.05% probability of exploitation in the next 30 days.
How do I fix CVE-2009-2144?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2009-2144?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST