Description

index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information.

Remediation

References

CVE-2006-3389

Related Vulnerabilities

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11026)

Apache Tomcat Other Vulnerability (CVE-2003-0042)

Oracle JRE CVE-2013-2440 Vulnerability (CVE-2013-2440)

MySQL CVE-2018-3137 Vulnerability (CVE-2018-3137)

MySQL CVE-2017-3650 Vulnerability (CVE-2017-3650)

Severity

Medium

Classification

CVE-2006-3389

Tags

Missing Update Known Vulnerabilities