CVE-2013-5697 Information

Description

SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header.

Reference

http://osvdb.org/97588 http://www.baesystemsdetica.com.au/Research/Advisories/mod_accounting-Blind-SQL-Injection-28DS-2013-00629