Max CVSS 6.8 Min CVSS 6.8 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-0107 6.8
WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charset
16-10-2018 - 16:31 09-01-2007 - 00:28
CVE-2007-0106 6.8
Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable
16-10-2018 - 16:31 09-01-2007 - 00:28
Back to Top Mark selected
Back to Top