Description
The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21297 Vulnerability (CVE-2022-21297)
Claroline Other Vulnerability (CVE-2005-1376)
MySQL CVE-2012-0489 Vulnerability (CVE-2012-0489)
WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)
WordPress Plugin YouTube Gallery-Best YouTube Video Gallery Cross-Site Scripting (3.2.1)