SQL Injection Vulnerabilities in Wordcircle by WordPress
CVE-2006-0205

Currently unrated

Key Information:

Vendor

WordPress
Status
Wordcircle
Vendor
CVE Published:
13 January 2006

What is CVE-2006-0205?

Multiple SQL injection vulnerabilities in Wordcircle 2.17 can enable remote attackers to execute arbitrary SQL commands, potentially bypassing authentication via the login action's password field. Additionally, other fields in unspecified scripts may be susceptible to unknown impacts, heightening the risk of unauthorized access and data manipulation.

References

http://www.vupen.com/english/advisories/2006/0185
vdb-entryx_refsource_VUPEN
http://securityreason.com/securityalert/346
third-party-advisoryx_refsource_SREASON
http://evuln.com/vulns/27/summary.html
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.