WordPress <= 2.0.6 - SQL Injection vulnerability
- Product
- WordPress
- Description
- The attackers can execute arbitrary SQL commands via the "tb_id" parameter.
- Solution
- Update the WordPress to the latest available version (at least 2.0.7).
- Classification
-
Type SQL Injection
OWASP Top 10 A1: Injection - References
-
CVE Mitre
- CVE
- Name CVE-2007-0233
- Versions
-
Affected In
<= 2.0.6
Fixed In 2.0.7 - Disclosure date
- 2007-01-12
- Credits
- rgod
- Submitter
- ThreatPress