VULHUB ™

It has been reported that dbmail IMAP service is prone to an SQL injection vulnerability due to insufficient sanitization of user-supplied input. The problem is reported to be present in various parameters such as username and password. This issue may allow a remote attacker to influence SQL query logic in order to view or modify sensitive information. Other attacks are possible as well. dbmail versions 1.1 and prior have been reported to be prone to this issue, however other versions may also be affected.

It has been reported that dbmail IMAP service is prone to an SQL injection vulnerability due to insufficient sanitization of user-supplied input. The problem is reported to be present in various parameters such as username and password. This issue may allow a remote attacker to influence SQL query logic in order to view or modify sensitive information. Other attacks are possible as well. dbmail versions 1.1 and prior have been reported to be prone to this issue, however other versions may also be affected.