Description
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
Remediation
References
Related Vulnerabilities
WordPress CVE-2020-25286 Vulnerability (CVE-2020-25286)
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-41766)
Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487)