Description
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
Remediation
References
Related Vulnerabilities
PostgreSQL Improper Authentication Vulnerability (CVE-2009-3231)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37150)
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce Multiple Vulnerabilities (1.1.9)
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)
WordPress Plugin Levo Slideshow Multiple Vulnerabilities (2.3)