Description
SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.
Remediation
References
Related Vulnerabilities
WordPress Improper Authentication Vulnerability (CVE-2022-43504)
Prototype Improper Privilege Management Vulnerability (CVE-2020-7993)
Joomla Improper Access Control Vulnerability (CVE-2016-9838)
WordPress Plugin Gallery-Flagallery Photo Portfolio 'flagshow.php' Cross-Site Scripting (1.57)
WordPress Plugin Loco Translate Unspecified Vulnerability (2.5.4)