CVE-2008-1060
published 2008-02-28


Priority: P260
Severity: high, 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 44.22% (98.6th percentile)
Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter.

Affected

2 ranges
Vendor      Product           Version range   Fixed in
wordpress   sniplets_plugin
wordpress   sniplets_plugin

Detection & IOCs (extracted from sources)

url: http://victim.tld/wordpress/wp-content/plugins/sniplets/modules/execute.php?text=%3C?php%20system(%22ls%22);
path: /wp-content/plugins/sniplets/modules/execute.php
  • Monitor HTTP requests targeting /wp-content/plugins/sniplets/modules/execute.php with a `text` parameter containing PHP code (e.g., URL-encoded `<?php`), indicating attempted eval injection / remote code execution.
  • The exploit payload passes PHP code through the `text` GET parameter which is directly passed into `eval('?>'.$text)` — alert on requests to execute.php where the `text` parameter contains `%3C?php`, `<?php`, or `system(` patterns.
  • Remote File Inclusion in syntax_highlight.php requires Register Globals to be ON — flag environments where PHP register_globals is enabled alongside this plugin.
  • The Remote File Inclusion vulnerability in syntax_highlight.php is only exploitable when PHP's register_globals directive is enabled (ON). Environments with register_globals OFF are not vulnerable to that specific vector.
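
The monitoring rule from the first two notes above, sketched as an added example that is not part of the original page or of any vendor rule set. It assumes Apache/nginx "combined" access log lines; the sample lines are constructed, the first one reusing the URL listed on this page, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Path and payload markers are taken from the detection notes above.
TARGET_PATH = "/wp-content/plugins/sniplets/modules/execute.php"
SUSPICIOUS = re.compile(r"<\?php|system\s*\(", re.IGNORECASE)

# Assumed input format: "combined" access log (client IP first, quoted request, status).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Constructed sample lines (documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Mar/2008:10:00:00 +0000] "GET /wordpress/wp-content/plugins/sniplets/modules/execute.php?text=%3C?php%20system(%22ls%22); HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Mar/2008:10:02:11 +0000] "GET /wordpress/wp-content/plugins/sniplets/modules/execute.php?text=hello HTTP/1.1" 200 5',
    '198.51.100.7 - - [01/Mar/2008:10:03:40 +0000] "GET /wordpress/index.php?text=system(check) HTTP/1.1" 200 4096',
    '192.0.2.44 - - [02/Mar/2008:09:15:02 +0000] "GET /blog/wp-content/plugins/sniplets/modules/execute.php?text=%3C%3Fphp%20echo%201%3B HTTP/1.0" 404 208',
]

def check_line(line):
    """Return (ip, status, decoded text) for a matching request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # Normalise percent-encoding in the path before comparing.
    if not unquote(parts.path).endswith(TARGET_PATH):
        return None
    # parse_qs percent-decodes values, so "%3C?php" and "<?php" are treated alike.
    for text in parse_qs(parts.query, keep_blank_values=True).get("text", []):
        if SUSPICIOUS.search(text):
            return m.group("ip"), int(m.group("status")), text
    return None

def scan(lines):
    """Collect one alert tuple per matching log line."""
    return [hit for hit in map(check_line, lines) if hit]

if __name__ == "__main__":
    for ip, status, text in scan(SAMPLE_LOG):
        print(f"ALERT sniplets execute.php eval injection attempt "
              f"from {ip} (HTTP {status}): {text!r}")
```

The HTTP status is kept in each alert because a 200 from execute.php means the plugin file is present and answered the request, while a 404 points to a probe against a host without it.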