{"id":"CVE-2005-2108","details":"SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.","modified":"2026-04-10T03:37:08.616652Z","published":"2005-07-05T04:00:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/15831"},{"type":"ADVISORY","url":"http://www.gulftech.org/?node=research&article_id=00085-06282005"},{"type":"EVIDENCE","url":"http://www.gulftech.org/?node=research&article_id=00085-06282005"},{"type":"FIX","url":"http://secunia.com/advisories/15831"},{"type":"WEB","url":"http://marc.info/?l=bugtraq&m=112006967221438&w=2"}],"schema_version":"1.7.5"}