Description

PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."

Remediation

References

CVE-2006-2313

Related Vulnerabilities

WordPress Plugin Enable Media Replace Directory Traversal (3.6.3)

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)

WordPress Plugin Events Manager Unspecified Vulnerability (5.5.5)

TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)

WordPress Plugin WooCommerce Help Scout Arbitrary File Upload (2.9)

Severity

High

Classification

CVE-2006-2313

Tags

Missing Update Known Vulnerabilities