Description
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
Remediation
References
Related Vulnerabilities
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
WordPress 5.4.x PHP Object Injection (5.4 - 5.4.5)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3747)
WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (1.0.61)
PHP Improper Input Validation Vulnerability (CVE-2021-21705)