** DISPUTED ** Multiple SQL injection vulnerabilities in...
High severity
Unreviewed
Published
May 1, 2022
to the GitHub Advisory Database
•
Updated Sep 25, 2024
Description
Published by the National Vulnerability Database
May 9, 2007
Published to the GitHub Advisory Database
May 1, 2022
Last updated
Sep 25, 2024
** DISPUTED ** Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use.
References