EUVD-2005-2467

Malware in sbrugna...

CVE-2005-2466

OpenBook 1.2.2 is affected by multiple SQL injection vulnerabilities in the auth_user function of admin.php, allowing remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. The vulnerability is detailed in CVE-2005-2466 with a NVD base score of 6.4 (MED...

[SVadvisory] - SQL injection in OpenBook 1.2.2

SVadvisory12 Title: SQl injection Product: OpenBook Version: 1.2.2 Site: http://openbook.sourceforge.net/ Vulnerabilities Code: function authuser$userid, $password global $HTTPPOSTVARS; global $admintable; $userid=$HTTPPOSTVARS'userid'; $password=$HTTPPOSTVARS'password'; dbconnect; $query="SELECT...