• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WordPress Comment Table SQL Injection Vulnerability

Bugtraq ID:	21896
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 05 2007 12:00AM
Updated:	Jan 05 2007 12:00AM
Credit:	Stefan Esser is credited with the discovery of this vulnerability.
Vulnerable:	WordPress Wordpress (B2) 0.6.2 .1 WordPress Wordpress (B2) 0.6.2 WordPress WordPress 2.0.5 WordPress WordPress 2.0.4 WordPress WordPress 2.0.3 WordPress WordPress 2.0.2 WordPress WordPress 2.0.1 WordPress WordPress 2.0 WordPress WordPress 1.5.2 WordPress WordPress 1.5.1 .3 WordPress WordPress 1.5.1 .2 WordPress WordPress 1.5.1 WordPress WordPress 1.5 WordPress WordPress 1.2.2 WordPress WordPress 1.2.1 + Gentoo Linux WordPress WordPress 1.2 + Gentoo Linux 1.4 + Gentoo Linux WordPress WordPress 0.71 WordPress WordPress 0.7
Not Vulnerable:	WordPress WordPress 2.0.6