CVE-2018-1000131

Sažetak

Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site, without login. This vulnerability appears to have been fixed in 9.0.3 and later.

Reference

https://github.com/00theway/exp/blob/master/wordpress/wpsupportplus.md
https://wordpress.org/plugins/wp-support-plus-responsive-ticket-system/#developers
https://wpvulndb.com/vulnerabilities/9041

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-04-2018 - 13:45

Objavljeno

14-03-2018 - 13:29