Lucene search
Ubuntu.comUB:CVE-2007-0107HistoryJan 09, 2007 - 12:00 a.m.
CVE-2007-0107
2007-01-0900:00:00
ubuntu.com
ubuntu.com
8
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.1%
WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate
character sets after escaping the SQL query, which allows remote attackers
to bypass SQL injection protection schemes and execute arbitrary SQL
commands via multibyte charsets, as demonstrated using UTF-7.
Related
patchstack
patchstack
WordPress <= 2.0.5 - SQL Injection
2007-01-08 00:00:00
cve
cve
CVE-2007-0107
2007-01-09 00:28:00
debiancve
debiancve
CVE-2007-0107
2007-01-09 00:28:00
nessus
nessus
WordPress Trackback Charset Decoding SQL Injection
2007-01-12 00:00:00
GLSA-200701-10 : WordPress: Multiple vulnerabilities
2007-01-17 00:00:00
prion
prion
Sql injection
2007-01-09 00:28:00
openvas
openvas
Gentoo Security Advisory GLSA 200701-10 (wordpress)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200701-10 (wordpress)
2008-09-24 00:00:00
gentoo
gentoo
WordPress: Multiple vulnerabilities
2007-01-15 00:00:00
securityvulns
securityvulns
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.1%
Related for UB:CVE-2007-0107