CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-0500

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 80.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005826.html
http://www.debian.org/security/2003/dsa-338
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005826.html
http://www.debian.org/security/2003/dsa-338

Products affected by CVE-2003-0500

Proftpd Project » Proftpd » Version: 1.2.9_rc1

cpe:2.3:a:proftpd_project:proftpd:1.2.9_rc1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-0500

Products

Pricing

Contact Us