CVE-2007-0107

critical

Description

WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/31297

http://www.vupen.com/english/advisories/2007/0061

http://www.securityfocus.com/archive/1/456049/100/0/threaded

http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.005.html

http://www.hardened-php.net/advisory_022007.141.html

http://wordpress.org/development/2007/01/wordpress-206/

http://securityreason.com/securityalert/2112

http://security.gentoo.org/glsa/glsa-200701-10.xml

http://secunia.com/advisories/23741

http://secunia.com/advisories/23595

http://osvdb.org/31579

Details

Source: Mitre, NVD

Published: 2007-01-09

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical