Description
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Statistics Cross-Site Scripting (12.0.5)
WordPress Plugin Contact Form Email Cross-Site Scripting (1.1.49)
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-10693)
Oracle Database Server CVE-2007-3854 Vulnerability (CVE-2007-3854)
WordPress Plugin BackUpWordPress Remote File Inclusion (0.4.2b)