Описание
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 0.7 (включая)
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01082
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
ubuntu
больше 10 лет назад
WordPress 0.7 (b2 cafelog code) allows SQL injection. / Blog.header.php. $ posts not converted to an integer, so we can inject sql in this variable. In MySQL 4.x can use UNION and subselects to obtain privileges.
debian
больше 10 лет назад
SQL injection vulnerability in log.header.php in WordPress 0.7 and ear ...
github
около 3 лет назад
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.
EPSS
Процентиль: 77%
0.01082
Низкий
7.5 High
CVSS2
Дефекты
CWE-89