MySQL Eventum contains a flaw that may allow a remote attacker to carry out an SQL injection attack and bypass authentication settings. The issue is due to the 'login.php' script not properly sanitizing user-supplied input to the 'email' variable. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database to bypass authentication.

Upgrade to version 1.6.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1014603
• Milw0rm: 1134
• Exploit Database: 1134
• Bugtraq ID: 14437
• Secunia Advisory ID: 16304
• Related OSVDB ID: 18400 18401 18402 18404 18405 18406
• CVE ID: 2005-2468 (see also: NVD)
• ISS X-Force ID: 21640
• VUPEN Advisory: ADV-2005-1287
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-08/0014.html
• Vendor URL: http://dev.mysql.com/downloads/other/eventum/
• Vendor Specific News/Changelog Entry: http://lists.mysql.com/eventum-users/2072
• Other Advisory URL: http://www.gulftech.org/?node=research&article_id=00093-07312005

• James Bercegay - securitygulftech.org - GulfTech Security Research