SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.
References
Link | Resource |
---|---|
http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml | Patch Vendor Advisory |
http://www.securityfocus.com/bid/16950 | |
http://secunia.com/advisories/19109 | Patch Vendor Advisory |
http://secunia.com/advisories/19123 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/25321 |
Configurations
Information
Published : 2006-03-06 13:02
Updated : 2017-07-19 18:30
NVD link : CVE-2006-1012
Mitre link : CVE-2006-1012
JSON object : View
CWE
Products Affected
wordpress
- wordpress