Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 137152 - www-apps/mambo: SQL injection?
Summary: www-apps/mambo: SQL injection?
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://retrogod.altervista.org/mambo_...
Whiteboard: B3 [noglsa] Falco
Keywords:
Depends on:
Blocks:
 
Reported: 2006-06-18 02:45 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2006-06-29 06:41 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-06-18 02:45:14 UTC 
sql injection in "title" argument when you submit a web link.
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-29 06:41:58 UTC 
http://secunia.com/advisories/20745/

it was corrected in portage in 4.5.4-r1 on June 20th by rl03

closing without glsa (no stable ebuild)