Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1012

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1012
Last Modified 05 Sep 2008 05:00:47
Published 06 Mar 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1012

Summary

SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.

Vulnerable Systems

Application

  • Wordpress 1.5.2


References

GENTOO - GLSA-200603-01

SECUNIA - 19109

BID - 16950

XF - wordpress-comment-sql-injection(25321)

SECUNIA - 19123


Last Updated: 27 May 2016 10:41:53