Sql injection

2009-02-1617:30:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.8%

JSON

Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.

CPENameOperatorVersion
flexphpiceq0.0.4
flexphpiceq0.0.3 pro

CPE	Name	Operator	Version
	flexphpic	eq	0.0.4
	flexphpic	eq	0.0.3 pro

References

secunia.com/advisories/33376

exchange.xforce.ibmcloud.com/vulnerabilities/47653

www.exploit-db.com/exploits/7624