CVE-2010-4257
CVE-2010-4257
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605603http://codex.wordpress.org/Version_3.0.2http://core.trac.wordpress.org/changeset/16625http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052879.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052892.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052917.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052932.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=659265http://secunia.com/advisories/42431http://secunia.com/advisories/42753http://secunia.com/advisories/42844