MySQL: SQL Injection

Background MySQL is a popular multi-threaded, multi-user SQL server. Description MySQL is vulnerable to an injection flaw in mysqlrealescape when used with multi-byte characters. Impact Due to a flaw in the multi-byte character process, an attacker is still able to inject arbitary SQL statements...

mysql security update

CentOS Errata and Security Advisory CESA-2006:0544 Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a...

FreeBSD : MySQL -- SQL-injection security vulnerability (7f8cecea-f199-11da-8422-00123ffe8333)

MySQL reports : A SQL-injection security hole has been found in multibyte encoding processing. A SQL-injection security hole can include a situation whereby when inserting user-supplied data into a database, the user might inject his own SQL statements that the server will execute. With regards t...

Sql injection

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...

CVE-2006-2753

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...