WEB APPLICATION VULNERABILITIES Standard & Premium

MySQL CVE-2004-0957 Vulnerability (CVE-2004-0957)

Description

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

Remediation

References

Related Vulnerabilities

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29524)

ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051)

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-4894)

WordPress Plugin Advanced Popups Cross-Site Request Forgery (1.1.1)

WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (7.2)

Severity

Medium

Classification

CVE-2004-0957

Tags

Missing Update Known Vulnerabilities