3 matches found
The vulnerability of the central/executar_login.php component of the Mk-Auth authentication software allows a hacker to execute arbitrary SQL queries against the database.
The vulnerability of the central/executarlogin.php component of the Mk-Auth authentication software is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database in the target...
CVE-2020-14068
An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executarlogin.php...
UBUNTU-CVE-2017-12173
It was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this fla...