Multiple SQL injection vulnerabilities in MapServer prior to 4.10.7, 5.x prior to 5.6.7, and 6.x prior to 6.0.1 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osgeo mapserver 4.10.3 |
||
osgeo mapserver 4.10.1 |
||
osgeo mapserver 4.8.0 |
||
osgeo mapserver 4.6.0 |
||
osgeo mapserver 4.10.0 |
||
osgeo mapserver 4.10.2 |
||
osgeo mapserver 4.4.0 |
||
osgeo mapserver 4.10.5 |
||
osgeo mapserver 4.10.4 |
||
osgeo mapserver 4.2.0 |
||
osgeo mapserver |
||
osgeo mapserver 5.2.0 |
||
osgeo mapserver 5.0.0 |
||
osgeo mapserver 5.4.0 |
||
osgeo mapserver 5.6.1 |
||
osgeo mapserver 5.6.3 |
||
osgeo mapserver 5.4.2 |
||
osgeo mapserver 5.6.0 |
||
umn mapserver 5.2.3 |
||
osgeo mapserver 5.2.1 |
||
osgeo mapserver 5.4.1 |
||
umn mapserver 5.6.4 |
||
umn mapserver 5.6.5 |
||
umn mapserver 5.6.6 |
||
umn mapserver 5.2.2 |
||
umn mapserver 6.0.0 |