CVE-2008-0388

CVE Database · CVE-2008-0388

CVE-2008-0388

· N/AModified

CVSS v3.1

N/A

EPSS

3.49%

Published

Jan 23, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBWordPress Plugin WP-Forum 1.7.4 - SQL Injection TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the user parameter in a showprofile action to the default URI.

Weaknesses (CWE)

CWE-89

Affected Products (1)

wordpress · wp_forumvulnerable

References (16)

http://archives.neohapsis.com/archives/bugtraq/2008-02/0272.html

http://osvdb.org/52211

http://secunia.com/advisories/28567

Vendor Advisory

http://weblogtoolscollection.com/archives/2008/01/21/wp-forum-plugin-security-bulletin/

http://www.securityfocus.com/bid/27362

Exploit

http://www.vupen.com/english/advisories/2008/0235

https://exchange.xforce.ibmcloud.com/vulnerabilities/39800

https://www.exploit-db.com/exploits/4939

http://archives.neohapsis.com/archives/bugtraq/2008-02/0272.html

http://osvdb.org/52211

http://secunia.com/advisories/28567

KEV Catalog EPSS Scores Vendors All CVEs