Unrated severityNVD Advisory· Published Jul 6, 2006· Updated Jun 16, 2026

CVE-2006-3389

Description

index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/WordPress2 versions
cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
- (no CPE)range: = 2.0.3
Package: https://wordpress.org/plugins/wordpress

Patches

Vulnerability mechanics

References

secunia.com/advisories/20928nvdVendor Advisory
secunia.com/advisories/21447nvd
security.gentoo.org/glsa/glsa-200608-19.xmlnvd
securityreason.com/securityalert/1187nvd
www.securityfocus.com/archive/1/438942/100/0/threadednvd
www.securityfocus.com/archive/1/439031/100/0/threadednvd
www.securityfocus.com/archive/1/439062/100/0/threadednvd
www.securityfocus.com/archive/1/440127/100/0/threadednvd
www.securityfocus.com/bid/18779nvd
www.vupen.com/english/advisories/2006/2661nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000