MidnightBSD

Advisories for csp_mysql_user_manager_project

CVE-2014-1466 HIGH

SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
csp_mysql_user_manager_project csp_mysql_user_manager 2.3
CVE-2018-10757 HIGH

CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
csp_mysql_user_manager_project csp_mysql_user_manager 2.3.1