Description
SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.
Remediation
References
Related Vulnerabilities
WordPress Plugin MediaRSS external gallery TimThumb Arbitrary File Upload (0.1)
WordPress Plugin Advanced Order Export For WooCommerce CSV Injection (1.5.4)
Internet Information Services Other Vulnerability (CVE-2000-0951)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7859)
WordPress Plugin YITH WooCommerce Bulk Product Editing Security Bypass (1.2.13)