MySQL Mysql_real_escape Function SQL Injection Vulnerability

MySQL is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise an application using a vulnerable database or to compromise the database itself.

MySQL versions prior to 5.0.22-1-0.1 and prior to 4.1.20 are vulnerable. Other versions may also be affected.


 

Copyright 2010, SecurityFocus