CVE-2003-0040
EPSS 0.49%courier-ssl - missing input sanitizing
Published: 2/19/2003Modified: 4/28/2026
Description
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.
Affected packages (2)
- Debian/courierfrom 0, < 0.40.2-3
- Debian/courierfrom 0, < 0.37.3-3.3