Proftpd Project Proftpd : Security vulnerabilities, CVEs published in 2009

CVE-2009-0542

SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.

Max CVSS

7.5

EPSS Score

92.67%

Published

2009-02-12

Updated

2018-10-11

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Proftpd Project » Proftpd : Security Vulnerabilities, CVEs, Published In 2009 CVSS score >= 7

CVE-2009-0542