Description

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.

Remediation

References

CVE-2006-0200

Related Vulnerabilities

WordPress Plugin Real WYSIWYG Cross-Site Scripting (0.0.2)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-30875)

MySQL CVE-2021-2055 Vulnerability (CVE-2021-2055)

WordPress Plugin Duplicate Page SQL Injection (3.3)

Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3395)

Severity

Critical

Classification

CVE-2006-0200 CWE-134

Tags

Missing Update Known Vulnerabilities