SQL injection vulnerability in mod_mysql_vhost.c in lighttpd prior to 1.4.35 allows remote malicious users to execute arbitrary SQL commands via the host name, related to request_check_hostname.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lighttpd lighttpd |
||
debian debian linux 6.0 |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |
||
opensuse opensuse 11.4 |
||
opensuse opensuse 12.3 |
||
opensuse opensuse 13.1 |
||
suse linux enterprise high availability extension 11 |
||
suse linux enterprise software development kit 11 |