Description
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Remediation
References
Related Vulnerabilities
WordPress Plugin Admin Font Editor Cross-Site Scripting (1.8)
phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880)
WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.8.5.8)
WordPress Plugin WP Survey And Quiz Tool 'rowcount' Parameter Cross-Site Scripting (2.9.2)