Public bug reported:

Binary package hint: wordpress

WordPress Post_ID Parameter SQL Injection Vulnerability

Bugtraq ID:  23294
Class:       Input Validation Error
CVE:
Remote:      Yes
Local:       No
Published:   Apr 03 2007 12:00AM
Updated:     Apr 05 2007 03:52PM
Credit:      [EMAIL PROTECTED] is credited with the discovery of this
             vulnerability.
Vulnerable:  WordPress WordPress 2.1.2

WordPress is prone to an SQL-injection vulnerability because it fails to
sufficiently sanitize user-supplied data before using it in an SQL
query.

Exploiting this issue could allow an attacker to compromise the
application, access or modify data, or exploit latent vulnerabilities in
the underlying database implementation.

WordPress 2.1.2 is vulnerable to this issue; other versions may also be
affected.

Attackers can use a browser to exploit this issue.

The following proof-of-concept exploit is available:
http://www.securityfocus.com/data/vulnerabilities/exploits/23294.pl

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If 
you feel we are in error or if you are aware of more recent information, please 
mail us at: mailto:[EMAIL PROTECTED]

References:

    * WordPress Homepage (WordPress) http://wordpress.org/

** Affects: wordpress (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

-- 
WordPress Post_ID Parameter SQL Injection Vulnerability
https://bugs.launchpad.net/bugs/104944
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs