How severe is CVE-2007-6318?

The severity of CVE-2007-6318 has not been assessed with CVSS v3.

CVE-2007-6318: SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, ( | Zerodai Security

Name: wordpress
Author: wordpress

描述

SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "\" in a multibyte character.

AI分析AI驱动

受影响产品

wordpresswordpress

2.0

wordpresswordpress

2.0.1

wordpresswordpress

2.0.2

wordpresswordpress

2.0.3

wordpresswordpress

2.0.4

wordpresswordpress

2.0.5

wordpresswordpress

2.0.6

wordpresswordpress

2.0.7

wordpresswordpress

2.0.10

wordpresswordpress

2.0.10_rc1

wordpresswordpress

2.0.10_rc2

wordpresswordpress

2.1.1

wordpresswordpress

2.1.2

wordpresswordpress

2.1.3

wordpresswordpress

2.1.3_rc1

wordpresswordpress

2.1.3_rc2

wordpresswordpress

2.2

wordpresswordpress

2.2.1

wordpresswordpress

2.2.2

wordpresswordpress

2.2.3

wordpresswordpress

2.2_revision5002

wordpresswordpress

2.2_revision5003

wordpresswordpress

2.3

wordpresswordpress

2.3.1

可用漏洞利用 (1)

EDB-4721

webappsphpVERIFIED

WordPress Core 2.3.1 - Charset SQL Injection

CVE-2007-6318

Abel Cheung12/11/2007

描述

AI分析AI驱动

受影响产品

可用漏洞利用 (1)

WordPress Core 2.3.1 - Charset SQL Injection

参考资料