Description

SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.

Remediation

References

CVE-2005-1810

Related Vulnerabilities

WordPress Plugin GD Rating System Multiple Vulnerabilities (2.3)

WordPress CVE-2023-5561 Vulnerability (CVE-2023-5561)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5397)

Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.17)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3745)

Severity

High

Classification

CVE-2005-1810

Tags

Missing Update Known Vulnerabilities