3 matches found
CVE-2009-1208
SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysqlrealescapestring function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings...
CVE-2009-1208
SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysqlrealescapestring function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings...
CVE-2009-1208
The CVE-2009-1208 issue affects auth2db versions 0.2.5 and possibly earlier than 0.2.7, where the code uses addslashes instead of mysql_real_escape_string. This incorrect escaping allows remote SQL injection via multibyte character encodings, exposing the application to unauthorized data access o...