2 matches found
ScozBook auth.php adminname Parameter SQL Injection - Ver2 (CVE-2006-0079)
An SQL injection vulnerability has been reported in ScozNet ScozBook BETA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2006-0079
CVE-2006-0079 describes an SQL injection vulnerability in ScozNet ScozBook BETA 1.1, specifically in auth.php via the adminname (username) field. The underlying issue is unsanitized input allowing a remote attacker to inject arbitrary SQL commands. Documents corroborate exploitation potential and...