Lucene search

[email protected]NVD:CVE-2007-6318

HistoryDec 12, 2007 - 12:46 a.m.

CVE-2007-6318

2007-12-1200:46:00

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.009

Percentile

83.4%

JSON

SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "" in a multibyte character.

Affected configurations

Nvd

Node

wordpresswordpressMatch2.0

wordpresswordpressMatch2.0.1

wordpresswordpressMatch2.0.2

wordpresswordpressMatch2.0.3

wordpresswordpressMatch2.0.4

wordpresswordpressMatch2.0.5

wordpresswordpressMatch2.0.6

wordpresswordpressMatch2.0.7

wordpresswordpressMatch2.0.10

wordpresswordpressMatch2.0.10_rc1

wordpresswordpressMatch2.0.10_rc2

wordpresswordpressMatch2.1.1

wordpresswordpressMatch2.1.2

wordpresswordpressMatch2.1.3

wordpresswordpressMatch2.1.3_rc1

wordpresswordpressMatch2.1.3_rc2

wordpresswordpressMatch2.2

wordpresswordpressMatch2.2.1

wordpresswordpressMatch2.2.2

wordpresswordpressMatch2.2.3

wordpresswordpressMatch2.2_revision5002

wordpresswordpressMatch2.2_revision5003

wordpresswordpressMatch2.3

wordpresswordpressMatch2.3.1

VendorProductVersionCPE
wordpresswordpress2.0cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
wordpresswordpress2.0.1cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
wordpresswordpress2.0.2cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
wordpresswordpress2.0.3cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
wordpresswordpress2.0.4cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
wordpresswordpress2.0.5cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
wordpresswordpress2.0.6cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
wordpresswordpress2.0.7cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
wordpresswordpress2.0.10cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*
wordpresswordpress2.0.10_rc1cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wordpress	wordpress	2.0	cpe:2.3:a:wordpress:wordpress:2.0:::::::*
wordpress	wordpress	2.0.1	cpe:2.3:a:wordpress:wordpress:2.0.1:::::::*
wordpress	wordpress	2.0.2	cpe:2.3:a:wordpress:wordpress:2.0.2:::::::*
wordpress	wordpress	2.0.3	cpe:2.3:a:wordpress:wordpress:2.0.3:::::::*
wordpress	wordpress	2.0.4	cpe:2.3:a:wordpress:wordpress:2.0.4:::::::*
wordpress	wordpress	2.0.5	cpe:2.3:a:wordpress:wordpress:2.0.5:::::::*
wordpress	wordpress	2.0.6	cpe:2.3:a:wordpress:wordpress:2.0.6:::::::*
wordpress	wordpress	2.0.7	cpe:2.3:a:wordpress:wordpress:2.0.7:::::::*
wordpress	wordpress	2.0.10	cpe:2.3:a:wordpress:wordpress:2.0.10:::::::*
wordpress	wordpress	2.0.10_rc1	cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:::::::*