CVE-2013-7262

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2013-7262

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-7262.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-7262

Downstream

DEBIAN-CVE-2013-7262

MGASA-2015-0097

Published

2014-01-05T20:55:04Z

Modified

2026-04-16T06:25:19.944231957Z

Summary

[none]

Details

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter.

References

http://www.mapserver.org/development/changelog/changelog-6-4.html#changelog-6-4-1
https://github.com/mapserver/mapserver/commit/3a10f6b829297dae63492a8c63385044bc6953ed
https://github.com/mapserver/mapserver/issues/4834
http://www.securityfocus.com/bid/64671

CVE-2013-7262

Affected packages