PCPIN Chat main.php login Variable SQL Injection

2006-04-19T05:32:40
ID OSVDB:24766
Type osvdb
Reporter OSVDB
Modified 2006-04-19T05:32:40

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Vendor URL: http://www.pcpin.com/ Security Tracker: 1015968 Secunia Advisory ID:19708 Related OSVDB ID: 24767 Other Advisory URL: http://retrogod.altervista.org/pcpin_504_xpl.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0413.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0807.html FrSIRT Advisory: ADV-2006-1441 CVE-2006-1962 Bugtraq ID: 17632