CVE-2008-1060
Published 2008-02-28
Priority P260, high, 7.5 (CVSS 2.0)
CVSS vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 44.22% (98.6th percentile)
Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wordpress | sniplets_plugin | — | — |
| wordpress | sniplets_plugin | — | — |
Detection & IOCs (extracted from sources)
URL: `http://victim.tld/wordpress/wp-content/plugins/sniplets/modules/execute.php?text=%3C?php%20system(%22ls%22);`
- Monitor HTTP requests targeting /wp-content/plugins/sniplets/modules/execute.php with a `text` parameter containing PHP code (e.g., URL-encoded `<?php`), indicating attempted eval injection / remote code execution.
- The exploit payload passes PHP code through the `text` GET parameter, which is passed directly into `eval('?>'.$text)`. Alert on requests to execute.php where the `text` parameter contains `%3C?php`, `<?php`, or `system(` patterns.
- Remote File Inclusion in syntax_highlight.php requires Register Globals to be ON. Flag environments where PHP register_globals is enabled alongside this plugin.
- The Remote File Inclusion vulnerability in syntax_highlight.php is only exploitable when PHP's register_globals directive is enabled (ON). Environments with register_globals OFF are not vulnerable to that specific vector.
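
The first two detection notes, written out as a log check. This is an added example, not a rule from this page or from the plugin's authors; it assumes common/combined-format web access logs, and the function names, severity labels and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

TARGET = "/wp-content/plugins/sniplets/modules/execute.php"
# Patterns from the detection notes, matched after URL-decoding.
SUSPICIOUS = re.compile(r"<\?php|system\s*\(", re.IGNORECASE)
# Request line inside a common/combined access-log entry.
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def decode_fully(value, rounds=3):
    """URL-decode until stable so %3C?php, <?php and re-encoded log copies compare equal."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def check_line(line):
    """Return a finding for a request to execute.php, or None for any other line."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not decode_fully(url.path).lower().endswith(TARGET):
        return None
    values = parse_qs(url.query, keep_blank_values=True).get("text", [])
    texts = [decode_fully(v) for v in values]
    hit = any(SUSPICIOUS.search(t) for t in texts)
    # Any direct request to this module deserves review; PHP code in `text` is high.
    return {"client": line.split()[0], "severity": "high" if hit else "review", "text": texts}

def scan(lines):
    return [f for f in map(check_line, lines) if f]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [28/Feb/2008:10:00:01 +0000] "GET /wordpress/wp-content/plugins/'
    'sniplets/modules/execute.php?text=%3C?php%20system(%22ls%22); HTTP/1.1" 200 512',
    '198.51.100.4 - - [28/Feb/2008:10:00:05 +0000] "GET /wordpress/wp-content/plugins/'
    'sniplets/modules/execute.php?text=hello HTTP/1.1" 200 20',
    '192.0.2.10 - - [28/Feb/2008:10:00:09 +0000] "GET /wordpress/index.php?text=%3C?php HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```
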
No detection rules found.
No writeups or analysis indexed.
- http://secunia.com/advisories/29099
- http://securityreason.com/securityalert/3706
- http://www.securityfocus.com/archive/1/488734/100/0/threaded
- http://www.securityfocus.com/bid/27985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40831
- https://www.exploit-db.com/exploits/5194