Description

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.

Remediation

References

CVE-2012-2762

Related Vulnerabilities

MySQL CVE-2015-2571 Vulnerability (CVE-2015-2571)

Oracle Database Server CVE-2010-2407 Vulnerability (CVE-2010-2407)

WordPress Plugin Advanced Access Manager Cross-Site Scripting (6.7.9)

Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786)

WordPress Plugin Qiniu Cloudtuchuang Cross-Site Scripting (1.8)

Severity

High

Classification

CVE-2012-2762 CWE-138

Tags

Missing Update Known Vulnerabilities