Security Advisory

CVE-2010-3076

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-10-12 21:00:00

Last updated 2024-08-07 02:55:46

Assigner redhat

State PUBLISHED

Description

The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the username parameter to the admin login page.

← Browse all CVEs View on cve.org ↗