{"id":"CVE-2011-2688","details":"SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.","modified":"2025-08-09T19:01:27Z","published":"2011-07-28T18:55:02Z","references":[{"type":"ADVISORY","url":"http://anders.fix.no/software/#unix"},{"type":"REPORT","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633637"},{"type":"ADVISORY","url":"http://code.google.com/p/mod-auth-external/issues/detail?id=5"},{"type":"ADVISORY","url":"http://secunia.com/advisories/45240"},{"type":"ADVISORY","url":"http://www.debian.org/security/2011/dsa-2279"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2011/07/12/10"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2011/07/12/17"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/48653"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68799"}],"schema_version":"1.7.3"}