Vulnerabilities > CVE-2007-2484 - Remote Security vulnerability in Wp-Table

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
ruben-boelinger
exploit available

Summary

PHP remote file inclusion vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter.

Vulnerable Configurations

Part Description Count
Application
Ruben_Boelinger
1

Exploit-Db

descriptionWordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability. CVE-2007-2483,CVE-2007-2484. Webapps exploit for php platform
fileexploits/php/webapps/3824.txt
idEDB-ID:3824
last seen2016-01-31
modified2007-05-01
platformphp
port
published2007-05-01
reporterK-159
sourcehttps://www.exploit-db.com/download/3824/
titleWordPress plugin wp-Table <= 1.43 - inc_dir RFI Vulnerability
typewebapps