Lucene search
Stefan EsserPATCHSTACK:D0CFF3220A0063989ED70B172B9D29CDHistoryJan 08, 2007 - 12:00 a.m.
WordPress <= 2.0.5 - SQL Injection
2007-01-0800:00:00
Stefan Esser
patchstack.com
5
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Because of this vulnerability, the attackers can bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets.
Solution
Update the WordPress to the latest available version (at least 2.0.6).
Related
cve
cve
CVE-2007-0107
2007-01-09 00:28:00
debiancve
debiancve
CVE-2007-0107
2007-01-09 00:28:00
ubuntucve
ubuntucve
CVE-2007-0107
2007-01-09 00:00:00
nessus
nessus
WordPress Trackback Charset Decoding SQL Injection
2007-01-12 00:00:00
GLSA-200701-10 : WordPress: Multiple vulnerabilities
2007-01-17 00:00:00
prion
prion
Sql injection
2007-01-09 00:28:00
gentoo
gentoo
WordPress: Multiple vulnerabilities
2007-01-15 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200701-10 (wordpress)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200701-10 (wordpress)
2008-09-24 00:00:00
securityvulns
securityvulns
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for PATCHSTACK:D0CFF3220A0063989ED70B172B9D29CD