Description
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
Remediation
References
Related Vulnerabilities
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8155)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2889)
MySQL CVE-2017-3529 Vulnerability (CVE-2017-3529)
WordPress Plugin Poll, Survey, Questionnaire and Voting system SQL Injection (1.2.4)