Description

SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.

Remediation

References

CVE-2005-1810

Related Vulnerabilities

Joomla Improper Input Validation Vulnerability (CVE-2018-12712)

WordPress Plugin Cherry Multiple Vulnerabilities (1.2.6)

OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3566)

Oracle JRE Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3174)

WordPress Plugin Cimy Counter HTTP Response Splitting and Cross-Site Scripting Vulnerabilities (0.9.4)

Severity

High

Classification

CVE-2005-1810

Tags

Missing Update Known Vulnerabilities