vendor:
GreenSQL Firewall
by:
SecurityFocus
7.5
CVSS
HIGH
Security-Bypass
287
CWE
Product Name: GreenSQL Firewall
Affected Version From: GreenSQL Firewall 0.9.1
Affected Version To: GreenSQL Firewall 0.9.1
Patch Exists: N/A
Related CWE: N/A
CPE: a:greensql:greensql_firewall
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
GreenSQL Firewall Security-Bypass Vulnerability
GreenSQL Firewall is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions. Successfully exploiting this issue may aid in SQL attacks on the underlying application. The following sample SQL expression is available: x=y=z
Mitigation:
Ensure that all user input is validated and filtered before being used in SQL queries.