Description

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.

Remediation

References

CVE-2001-1275

Related Vulnerabilities

WordPress Plugin yolink Search for WordPress Cross-Site Scripting (2.5)

Magento CVE-2019-8107 Vulnerability (CVE-2019-8107)

WordPress Plugin Embedded Video 'lembedded-video.php' Cross-Site Scripting (4.1)

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223)

WordPress Plugin ARForms:Wordpress Form Builder Arbitrary File Deletion (3.7.1)

Severity

High

Classification

CVE-2001-1275

Tags

Missing Update Known Vulnerabilities