Description
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv SQL Injection (1.3.1)
PHP Other Vulnerability (CVE-2007-1718)
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.21.2)
WordPress Plugin easyReservations Cross-Site Scripting (5.0.11)
WordPress Plugin Portfolio by BestWebSoft Cross-Site Scripting (2.39)