PT-2025-31175 · Z-Push +1 · Z-Push +1
Name of the Vulnerable Software and Affected Versions: z-push/z-push-dev versions prior to 2.7.6 Description: The software is vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic...