3 matches found
PHPFootball 'filter.php' Password Hash Information Disclosure Vulnerability
PHPFootball is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks. PHPFootball 1.6 is vulnerable; other versions may also be affecte...
PHPFootball <= 1.6 Information Disclosure Vulnerability - Active Check
PHPFootball is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2009-0711
filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some...