CVE-2003-1523

SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dbmail:dbmail:1.0:*:*:*:*:*:*:*
cpe:2.3:a:dbmail:dbmail:1.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2003-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2003-1523

Mitre link : CVE-2003-1523

CVE.ORG link : CVE-2003-1523


JSON object : View

Products Affected

dbmail

  • dbmail
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')