CVE-2015-3325
published 2015-05-15CVE-2015-3325: SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the…
PriorityP353high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
4.77%
90.8th percentile
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpsymposium | wp_symposium | <= 15.2 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Buffer Overflow
exploitdb·2015-12-16
CVE-2015-8736 Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Buffer Overflow
Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Buffer Overflow
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=655
The following crash due to a stack-based buffer overflow can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark ("$ ./tshark -nVxr /path/to/file"):
--- cut ---
==3325==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff80063d1c at pc 0x0000004aaf56 bp 0x7fff80063a50 sp 0x7fff80063200
WRITE of size 202 at 0x7fff80063d1c thread T0
#0 0x4aaf55 in __asan_memcpy llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:393
#1 0x7fb265728fad in file_read wireshark/wiretap/file_wrappers.c:1222:13
#2 0x7fb2658ae866 in wtap_read_bytes_or_eof wireshark/wiretap/wtap.
Exploit-DB
WordPress Plugin WP Symposium 15.1 - '&show=' SQL Injection
exploitdb·2015-05-21·CVSS 7.5
CVE-2015-3325 [HIGH] WordPress Plugin WP Symposium 15.1 - '&show=' SQL Injection
WordPress Plugin WP Symposium 15.1 - '&show=' SQL Injection
---
title: SQL Injection
product: WordPress WP Symposium Plugin
vulnerable version: 15.1 (and probably below)
fixed version: 15.4
CVE number: CVE-2015-3325
impact: CVSS Base Score 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
homepage: https://wordpress.org/plugins/wp-symposium/
found: 2015-02-07
by: Hannes Trunde
mail: [email protected]
twitter: @hannestrunde
Plugin description:
"WP Symposium turns a WordPress website into a Social Network! It is a WordPress
plugin that provides a forum, activity (similar to Facebook wall), member
directory, private mail, notification panel, chat windows, profile page, social
widgets, activity alerts, RSS activity feeds, Groups, Events, Gallery, Facebook
Connect and Mobile support! You simply cho
No writeups or analysis indexed.
http://packetstormsecurity.com/files/131801/WordPress-WP-Symposium-15.1-SQL-Injection.htmlhttp://www.securityfocus.com/bid/74237https://www.exploit-db.com/exploits/37080/http://packetstormsecurity.com/files/131801/WordPress-WP-Symposium-15.1-SQL-Injection.htmlhttp://www.securityfocus.com/bid/74237https://www.exploit-db.com/exploits/37080/
2015-05-15
Published