Lucene search
Veracode Vulnerability DatabaseVERACODE:21370HistoryAug 26, 2019 - 5:35 a.m.
SQL Injection
2019-08-2605:35:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
54.8%
cesnet/simplesamlphp-module-proxystatistics is vulnerable to SQL injection. The vulnerability exists as the statements in lib/Auth/Process/DatabaseCommand.php is not parameterized.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cesnet/simplesamlphp-module-proxystatistics | le | 3.0.0 |
References
github.com/CESNET/proxystatistics-simplesamlphp-module/commit/e56b937ea709406cdbb76b8128bf22f3b9614037
github.com/CESNET/proxystatistics-simplesamlphp-module/issues/17
github.com/CESNET/proxystatistics-simplesamlphp-module/pull/18
github.com/CESNET/proxystatistics-simplesamlphp-module/pull/19
github.com/CESNET/proxystatistics-simplesamlphp-module/releases/tag/v3.1.0
Related
nvd
nvd
CVE-2019-15537
2019-08-23 18:15:11
prion
prion
Sql injection
2019-08-23 18:15:00
cve
cve
CVE-2019-15537
2019-08-23 18:15:11
osv
osv
CVE-2019-15537
2019-08-23 18:15:11
SQL Injection in SimpleSAMLphp
2019-11-08 20:05:45
github
github
SQL Injection in SimpleSAMLphp
2019-11-08 20:05:45
cvelist
cvelist
CVE-2019-15537
2019-08-23 17:49:40