Description
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Remediation
References
Related Vulnerabilities
WordPress 2.5 Cookie Integrity Protection Unauthorized Access Vulnerability (0.6.2 - 2.5)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30156)
WordPress Plugin Flip Slideshow Cross-Site Scripting (2.2)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2019-9674)
ReviveAdserver Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7371)