Description
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8644)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (7.1.04)
Zenphoto Other Vulnerability (CVE-2006-2186)
TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114)
WordPress Plugin Integration for Contact Form 7 and Salesforce Cross-Site Scripting (1.2.4)