Description
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.
Remediation
References
Related Vulnerabilities
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16177)
WordPress Plugin WP Upload Restriction Multiple Vulnerabilities (2.2.3)
WordPress Plugin TinyMCE Color Picker Multiple Vulnerabilities (1.1)
Django Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-31542)