Description

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

Remediation

References

CVE-2005-2108

Related Vulnerabilities

ownCloud Other Vulnerability (CVE-2022-25338)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4295)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)

PHP Improper Input Validation Vulnerability (CVE-2015-8873)

WordPress Plugin WP PRO Advertising System-All In One Ad Manager SQL Injection (4.6.18)

Severity

High

Classification

CVE-2005-2108

Tags

Missing Update Known Vulnerabilities