SQL Injection in SimpleSAMLphp

2019-11-0820:05:45

Google

osv.dev

0.002 Low

EPSS

Percentile

54.8%

JSON

The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php.

CPENameOperatorVersion
cesnet/simplesamlphp-module-proxystatisticseq1.2.0
cesnet/simplesamlphp-module-proxystatisticseq2.1.0
cesnet/simplesamlphp-module-proxystatisticseq3.0.0
cesnet/simplesamlphp-module-proxystatisticseq1.0.0
cesnet/simplesamlphp-module-proxystatisticseq1.4.1
cesnet/simplesamlphp-module-proxystatisticseq1.5.0
cesnet/simplesamlphp-module-proxystatisticseq1.1.0
cesnet/simplesamlphp-module-proxystatisticseq1.2.1
cesnet/simplesamlphp-module-proxystatisticseq2.0.0
cesnet/simplesamlphp-module-proxystatisticseq1.4.0

Name	Operator	Version
cesnet/simplesamlphp-module-proxystatistics	eq	1.2.0
cesnet/simplesamlphp-module-proxystatistics	eq	2.1.0
cesnet/simplesamlphp-module-proxystatistics	eq	3.0.0
cesnet/simplesamlphp-module-proxystatistics	eq	1.0.0
cesnet/simplesamlphp-module-proxystatistics	eq	1.4.1
cesnet/simplesamlphp-module-proxystatistics	eq	1.5.0
cesnet/simplesamlphp-module-proxystatistics	eq	1.1.0
cesnet/simplesamlphp-module-proxystatistics	eq	1.2.1
cesnet/simplesamlphp-module-proxystatistics	eq	2.0.0
cesnet/simplesamlphp-module-proxystatistics	eq	1.4.0