Vulnerabilities > Leon J Breedt > PAM Pgsql > 0.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-08-27 | CVE-2003-0672 | Unspecified vulnerability in Leon J Breedt Pam-Pgsql 0.5.1/0.5.2 Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message. | 7.5 |
2001-09-10 | CVE-2001-1369 | Remote SQL Query Manipulation vulnerability in Leon J Breedt Pam-Pgsql 0.5.1/0.5.2 Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields. | 7.5 |