Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use
Metrics
Affected Vendors & Products
References
History
Wed, 25 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-89 | |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: mitre
Published: 2007-05-09T00:00:00
Updated: 2024-09-25T16:07:11.501Z
Reserved: 2007-05-08T00:00:00
Link: CVE-2007-2534

Updated: 2024-08-07T13:42:33.409Z

Status : Modified
Published: 2007-05-09T00:19:00.000
Modified: 2024-11-21T00:31:00.900
Link: CVE-2007-2534

No data.