Description

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2) wp-content/cache/users/ which are later included by cache.php, as demonstrated using the displayname argument.

Remediation

References

CVE-2006-2667

Related Vulnerabilities

AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050)

MySQL CVE-2018-3251 Vulnerability (CVE-2018-3251)

WordPress Plugin Simple visitor stat Cross-Site Scripting (1.0)

IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-1103)

WordPress Plugin Fancy Cats Multiple Cross-Site Scripting Vulnerabilities (1.1)

Severity

High

Classification

CVE-2006-2667

Tags

Missing Update Known Vulnerabilities