CVE-2006-1012 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-1012

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.

Affected Software

Name	Vendor	Start Version	End Version
Wordpress	Wordpress	1.5.2 (including)	1.5.2 (including)
Wordpress	Ubuntu	upstream	*

References

http://secunia.com/advisories/19109
http://secunia.com/advisories/19123
http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml
http://www.securityfocus.com/bid/16950
https://exchange.xforce.ibmcloud.com/vulnerabilities/25321
http://secunia.com/advisories/19109
http://secunia.com/advisories/19123
http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml
http://www.securityfocus.com/bid/16950
https://exchange.xforce.ibmcloud.com/vulnerabilities/25321