PT-2025-31175 · Unknown+1 · Z-Push-Dev+1
Xbow · Published 2025-07-29 · Updated 2025-08-03
CVE-2025-8264
CVSS v3.1: 9.0 (Critical)
Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
z-push/z-push-dev versions prior to 2.7.6
Description
The software is vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic authentication, potentially allowing access to, and modification or deletion of, sensitive data from a linked third-party database. This issue affects Z-Push installations that utilize the IMAP backend and have the IMAP_FROM_SQL_QUERY option configured.
Recommendations
Change the configuration to use the default or LDAP in backend/imap/config.php.
Set IMAP_DEFAULTFROM to an empty string: define('IMAP_DEFAULTFROM', '');
or
Set IMAP_DEFAULTFROM to 'ldap': define('IMAP_DEFAULTFROM', 'ldap');
Fix
SQL injection
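The unparameterized-query pattern the description refers to, modeled beside its parameterized counterpart. This is an added illustration, not Z-Push's own PHP code: it assumes a lookup template with a `#username` placeholder (what an option like IMAP_FROM_SQL_QUERY exists to hold) and a constructed in-memory table standing in for the linked third-party database.

```python
import sqlite3

# Constructed stand-in for a "from address" lookup template: the backend
# substitutes the authenticated username into the placeholder.
FROM_QUERY_TEMPLATE = (
    "SELECT first_name, last_name, mail FROM users WHERE mail = '#username'"
)


def make_db():
    """In-memory table standing in for the linked third-party database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (first_name TEXT, last_name TEXT, mail TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("Alice", "A", "alice@example.test"), ("Bob", "B", "bob@example.test")],
    )
    return db


def from_lookup_unparameterized(db, username):
    """Vulnerable pattern: string substitution builds the SQL text, so quote
    characters in the username change the structure of the query."""
    sql = FROM_QUERY_TEMPLATE.replace("#username", username)
    return db.execute(sql).fetchall()


def from_lookup_parameterized(db, username):
    """Hardened pattern: the template carries a bind marker and the driver
    passes the username as data, never as SQL text."""
    sql = FROM_QUERY_TEMPLATE.replace("'#username'", "?")
    return db.execute(sql, (username,)).fetchall()


def demo():
    """Run both lookups with a normal and a quote-bearing username."""
    db = make_db()
    normal = "alice@example.test"
    # Constructed value containing a quote; in the advisory's scenario this
    # would arrive as the basic-authentication username.
    hostile = "x' OR '1'='1"
    return {
        "vuln_normal": from_lookup_unparameterized(db, normal),
        "vuln_hostile": from_lookup_unparameterized(db, hostile),  # every row
        "safe_normal": from_lookup_parameterized(db, normal),
        "safe_hostile": from_lookup_parameterized(db, hostile),  # no rows
    }
```

With the parameterized form the same input simply matches no address, which is the behaviour the 2.7.6 fix and the configuration recommendations above aim for.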
Affected Products
Z-Push
Z-Push-Dev