GreenSQL Firewall (greensql-fw), possibly prior to 0.9.2 or 0.9.4, allows remote malicious users to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
greensql greensql firewall 0.3.4 |
||
greensql greensql firewall |
||
greensql greensql firewall 0.3.5 |
||
greensql greensql firewall 0.8.2 |