source: gforge
date: September 9, 2007
author: Nico Golde
vuln-type: sql injection
problem-scope: remote
debian-specifc: no
cve: CVE-2007-3913
vendor-advisory:
testing-fix: 4.5.14-23lenny2
sid-fix: 4.6.99+svn6086-1
upgrade: apt-get upgrade

The gforge collaborative development environment is prone
to an SQL injection due to insufficient input sanitizing.

CVE-2007-3913

SQL injection vulnerability in Gforge before 3.1 allows
remote attackers to execute arbitrary SQL commands via
unspecified vectors.