CVE-2010-4257

Published: Dec 7, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

42844

third-party-advisory

x_refsource_SECUNIA

http://wordpress.org/news/2010/11/wordpress-3-0-2/

x_refsource_CONFIRM

DSA-2138

vendor-advisory

x_refsource_DEBIAN

FEDORA-2010-19329

vendor-advisory

x_refsource_FEDORA

42753

third-party-advisory

x_refsource_SECUNIA

http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/

x_refsource_MISC

FEDORA-2010-19290

vendor-advisory

x_refsource_FEDORA

42871

third-party-advisory

x_refsource_SECUNIA

ADV-2010-3337

vdb-entry

x_refsource_VUPEN

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605603

x_refsource_CONFIRM

http://core.trac.wordpress.org/changeset/16625

x_refsource_CONFIRM

http://www.xakep.ru/magazine/xa/124/052/1.asp

x_refsource_MISC

45131

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=659265

x_refsource_CONFIRM

FEDORA-2010-19296

vendor-advisory

x_refsource_FEDORA

FEDORA-2010-19330

vendor-advisory

x_refsource_FEDORA

42431

third-party-advisory

x_refsource_SECUNIA

http://codex.wordpress.org/Version_3.0.2

x_refsource_CONFIRM

ADV-2011-0042

vdb-entry

x_refsource_VUPEN

ADV-2011-0057

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4257

Description

Affected Products

References