SQL injection vulnerability in login.php in Auth Php 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
References
Link | Resource |
---|---|
http://secunia.com/advisories/33908 | Vendor Advisory |
http://www.securityfocus.com/bid/33723 | |
https://www.exploit-db.com/exploits/8033 |
Configurations
History
No history.
Information
Published : 2009-02-25 20:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-0738
Mitre link : CVE-2009-0738
CVE.ORG link : CVE-2009-0738
JSON object : View
Products Affected
frankmancuso
- auth_php
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')