SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 5.0 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 6.0 |
| mod_authnz_external_project | mod_authnz_external | * |