Description
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
Remediation
References
Related Vulnerabilities
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4661)
WordPress Plugin Survey Maker-Best WordPress Survey SQL Injection (1.5.5)
WordPress Plugin Search Types Custom Fields Widget Unspecified Vulnerability (1.3)
WordPress Plugin Aspose Importer & Exporter Arbitrary File Download (2.0)
WordPress Plugin Simple Link Directory PHP Object Injection (5.5.0)