CVE-2006-1012

EPSS 1.9%

Published: 3/6/2006Modified: 5/27/2026

Description

SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.

Affected packages (1)

Debian/wordpressfrom 0, < 2.0.1-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-1012