Описание
SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | ignored | end of life, was needed |
| jaunty | ignored | end of life |
| karmic | not-affected | 0.2.5-2+dfsg-1.1ubuntu1 |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | released | 0.2.5-2+dfsg-1.1 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
SQL injection vulnerability in auth2db 0.2.5, and possibly other versi ...
SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
EPSS
7.5 High
CVSS2