| VID |
210033 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The WordPress program is vulnerable to an SQL injection vulnerability via the tb_id parameter. WordPress is a freely available PHP-based publication program that uses a MySQL backend database. WordPress version 2.0.6 and earlier versions could allow a remote attacker to execute arbitrary SQL commands, caused by improper filtering of user-supplied input passed to the 'tb_id' parameter of the 'wp-trackback.php' script. A remote attacker could exploit this vulnerability to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* References:
http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html
http://milw0rm.com/exploits/3109
* Platforms Affected:
Matthew Mullenweg, WordPress version 2.0.6 and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of WordPress (2.1 or later), available from the WordPress Web site at http://wordpress.org/download/ |
| Related URL |
CVE-2007-0233 (CVE) |
| Related URL |
21983 (SecurityFocus) |
| Related URL |
31385 (ISS) |
|
