SQL Injection Vulnerability in Mailutils SQL Authentication Module by Gnu
CVE-2005-1824

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
2 June 2005

Summary

The sql_escape_string function in the Mailutils SQL authentication module fails to adequately escape backslash characters in SQL queries. This flaw can be exploited to perform SQL injection attacks, allowing malicious users to manipulate SQL queries and potentially gain unauthorized access to sensitive data or control over the database.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.