skip to content
Back to GitHub.com
Home Bounties CodeQL Research Advisories Get Involved Events
April 20, 2020

GHSL-2020-031: SQL injection in PureFTPd

Antonio Morales

Summary

The pw_pgsql_connect function does not properly sanitize SQL queries, leading to SQLi via the pgsql config file.

Product

PureFTPd

CVE

No CVE assigned

Tested Version

Development version - master branch (Feb 20, 2020)

Details: Broken SQL sanitizer in pw_pgsql_connect (SQLi via config file)

Two different bugs have been detected:

Impact

This issue may lead to a local SQLi via pqsql config file.

Remediation

Coordinated Disclosure Timeline

This report is subject to our coordinated disclosure policy.

Resources

Credit

This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales).

Contact

You can contact the GHSL team at securitylab@github.com, please include the GHSL-2020-031 in any communication regarding this issue.