Description
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
Remediation
References
Related Vulnerabilities
WordPress Plugin Plugmatter Pricing Table Cross-Site Scripting (1.0.32)
WordPress Plugin dsIDXpress IDX Multiple Unspecified Vulnerabilities (2.1.32)
TYPO3 CVE-2023-38499 Vulnerability (CVE-2023-38499)
WordPress Plugin OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) Security Bypass (3.0.3)