How severe is CVE-2007-6318?

The severity of CVE-2007-6318 has not been assessed with CVSS v3.

CVE-2007-6318: SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, ( | Zerodai Security

Name: wordpress
Author: wordpress

Description

SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "\" in a multibyte character.

AI AnalysisPowered by AI

Affected Products

wordpresswordpress

2.0

wordpresswordpress

2.0.1

wordpresswordpress

2.0.2

wordpresswordpress

2.0.3

wordpresswordpress

2.0.4

wordpresswordpress

2.0.5

wordpresswordpress

2.0.6

wordpresswordpress

2.0.7

wordpresswordpress

2.0.10

wordpresswordpress

2.0.10_rc1

wordpresswordpress

2.0.10_rc2

wordpresswordpress

2.1.1

wordpresswordpress

2.1.2

wordpresswordpress

2.1.3

wordpresswordpress

2.1.3_rc1

wordpresswordpress

2.1.3_rc2

wordpresswordpress

2.2

wordpresswordpress

2.2.1

wordpresswordpress

2.2.2

wordpresswordpress

2.2.3

wordpresswordpress

2.2_revision5002

wordpresswordpress

2.2_revision5003

wordpresswordpress

2.3

wordpresswordpress

2.3.1

Available Exploits (1)

EDB-4721

webappsphpVERIFIED

WordPress Core 2.3.1 - Charset SQL Injection

CVE-2007-6318

Abel Cheung12/11/2007

Description

AI AnalysisPowered by AI

Affected Products

Available Exploits (1)

WordPress Core 2.3.1 - Charset SQL Injection

References