Description

MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

Remediation

References

CVE-2006-4226

Related Vulnerabilities

WordPress Plugin Popup Builder-Responsive WordPress Pop up-Subscription & Newsletter SQL Injection (2.6.7.6)

WordPress Plugin CSS Hero Cross-Site Scripting (4.03)

MySQL CVE-2021-2213 Vulnerability (CVE-2021-2213)

WordPress Plugin tPlayer-Audio Player for WordPress Multiple Cross-Site Scripting Vulnerabilities (1.1.5)

WordPress Plugin Block wp-login Cross-Site Request Forgery (1.3.0)

Severity

Low

Classification

CVE-2006-4226

Tags

Missing Update Known Vulnerabilities