Back to search
CVE-2007-2534
Published: May 9, 2007
Modified: Sep 25, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
23854
vdb-entry
x_refsource_BID
20070508 false: phpHoo3 Login SQL injection
mailing-list
x_refsource_VIM
36180
vdb-entry
x_refsource_OSVDB
2669
third-party-advisory
x_refsource_SREASON
20070506 phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now