Description
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Remediation
References
Related Vulnerabilities
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.154)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678)
WordPress Plugin Contact Form Email Multiple Vulnerabilities (1.2.65)
Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43803)