2 matches found
CVE-2007-2534
CVE-2007-2534 pertains to phpHoo3, where multiple SQL injection vulnerabilities are described in admin.php, exploitable via login parameters (ADMIN_USER/USER and ADMIN_PASS/PASS). The root cause is ambiguous in some sources, but the connected documents consistently cite SQL injection in the login...
CVE-2007-2534
Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the 1 ADMINUSER USER and 2 ADMINPASS PASS parameters during a login. NOTE: CVE disputes this vulnerability, since ADMINUSER/ADMINPASS are initialized before use...