CVE-2009-2143 Information

Description

PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter.

Reference

http://firestats.cc/wiki/ChangeLoga1.6.2-stable13062009 http://secunia.com/advisories/35400 https://www.exploit-db.com/exploits/8945