CVE-2007-0107 in WordPress信息

摘要

由 VulDB • 2026-05-11

WordPress 2.0.6 之前的版本,在 PHP 启用 mbstring 时,会在对 SQL 查询进行转义后解码备用字符集,这使得远程攻击者能够通过多字节字符集(如 UTF-7)绕过 SQL 注入防护机制并执行任意 SQL 命令。

If you want to get best quality of vulnerability data, you may have to visit VulDB.

来源

Want to know what is going to be exploited?

We predict KEV entries!