Hi again,

it's two years later - I'm not sure whether or not this site has yet
been upgraded to the new codebase Christoph (Myon) referred to. But it
looks like there are still/again SQL injection issues present:

https://nm.debian.org/nmstatus.php?email='

I'm sending this in a public bug report since, to my knowledge, issues
in Debian web applications are not handled by the security team. After
all, this bug is really easy to detect.

Moritz



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to