Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
MySQL Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2009-5026 - Vulnerability Database
MySQL

MySQL Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2009-5026

Medium
Reference: CVE-2009-5026
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2009-5026
Title: MySQL Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50 when running in certain slave configurations in which the slave is running a newer version than the master allows remote attackers to execute arbitrary SQL commands via custom comments.