2 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-8264
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inje...
SQL Injection
Overview z-push/z-push-dev is an open-source application to synchronize ActiveSync compatible devices Affected versions of this package are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field ...