1 results (0.010 seconds)

CVSS: 9.8EPSS: 65%CPEs: 2EXPL: 2

SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the comment_post_ID parameter. Vulnerabilidad de inyección SQL en wp-comments-post.php en el plugin NOSpam PTI v2.1 para Wordpress permite a atacantes remotos ejecutar comandos SQL arbritrarios a través del parámetro "comment_post_ID". WordPress NOSpamPTI plugin version 2.1 suffers from a remote blind SQL injection vulnerability. • https://www.exploit-db.com/exploits/28485 http://archives.neohapsis.com/archives/bugtraq/2013-09/0102.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •