Back to search
CVE-2006-3389
Published: Jul 6, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20060713 Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
mailing-list
x_refsource_BUGTRAQ
1187
third-party-advisory
x_refsource_SREASON
20928
third-party-advisory
x_refsource_SECUNIA
21447
third-party-advisory
x_refsource_SECUNIA
18779
vdb-entry
x_refsource_BID
20060704 Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
mailing-list
x_refsource_BUGTRAQ
GLSA-200608-19
vendor-advisory
x_refsource_GENTOO
ADV-2006-2661
vdb-entry
x_refsource_VUPEN
20060702 WordPress 2.0.3 SQL Error and Full Path Disclosure
mailing-list
x_refsource_BUGTRAQ
20060704 Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now