CVE-2006-1012 Information

Description

SQL injection vulnerability in WordPress 1.5.2 and possibly other versions before 2.0 allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.

Reference

http://secunia.com/advisories/19109 http://secunia.com/advisories/19123 http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml http://www.securityfocus.com/bid/16950 https://exchange.xforce.ibmcloud.com/vulnerabilities/25321