Spreadsheet plugin for WordPress ss_load.php SQL injection
| spreadsheet-ssload-sql-injection (41968) |  Medium Risk |
Description:
The Spreadsheet plugin for WordPress is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the ss_load.php script using the ss_id parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
Platforms Affected:
- Tim Rohrer, Spreadsheet plugin for WordPress 0.6
Remedy:
Upgrade to the latest version of Spreadsheet plugin for WordPress (0.62 or later), available from the Wordpress Spreadsheet Web site. See References.
Consequences:
Data Manipulation
References:
- Wordpress Spreadsheet Web site, Wordpress Spreadsheet at http://timrohrer.com/blog/?page_id=71.
- BID-28894: WordPress wpSS Spreadsheet Plugin 'ss_id' Parameter SQL Injection Vulnerability
- CVE-2008-1982: SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.
- SA29938: WordPress Spreadsheet Plugin "ss_id" SQL Injection Vulnerability
- VUPEN/ADV-2008-1344: Spreadsheet for WordPress ss_id Remote SQL Injection Vulnerability
Reported:
Apr 22, 2008
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net