CVE-2008-1646

Publication date

2008-04-02 17:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter.