oss-sec mailing list archives

Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection

From: Moritz Muehlenhoff <jmm () debian org>
Date: Wed, 14 Sep 2016 11:21:35 +0200

I noticed that in your original e-mail to this list, you did not cc
cve-assign.


That's true, but I never did in the past, as this mailing list is (or was?)
monitored by mitre, so posting here has been sufficient until now.


That said, I really hope that MITRE will continue to use this list for CVE 
assignments. List members have often followed up with information on CVE
requests which noone would be able to provide for the web-based approach.

Cheers,
        Moritz

Current thread:

ADOdb PDO driver: incorrect quoting may allow SQL injection Damien Regad (Sep 07)
- Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Damien Regad (Sep 13)
  - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Andreas Stieger (Sep 14)
  - Message not available
    - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Anonymous (Sep 14)
    - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Moritz Muehlenhoff (Sep 14)
    - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Kurt Seifried (Sep 14)
    - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Jeremy Stanley (Sep 14)
    - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Seth Arnold (Sep 14)
    - Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Kurt Seifried (Sep 14)
- Re: ADOdb PDO driver: incorrect quoting may allow SQL injection cve-assign (Sep 14)
  - Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Damien Regad (Sep 15)