CVE-2006-0607

check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication...

Authentication flaw

check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication...

Cross site scripting

Cross-site scripting XSS vulnerability in add.php in Hinton Design phphd 1.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

Sql injection

Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the username parameter to check.php or 2 unknown attack vectors to scripts that display information from the database...

CVE-2006-0607

check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication...

CVE-2006-0609

CVE-2006-0609 : The vulnerability affects Hinton Design’s phphd 1.0, specifically the add.php script, where a Cross‑Site Scripting (XSS) flaw allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Multiple independent sources (NVD entry, eVuln/SEC references, and Pack...

CVE-2006-0607

This CVE affects phphd 1.0 by Hinton Design. The vulnerability is in check.php where passwords are not validated when certain cookies are present, enabling remote authentication bypass. This is cookie-based authentication bypass (noted as a vulnerability in EV0060) that allows an attacker to bypa...

CVE-2006-0608

CVE-2006-0608 affects Hinton Design phphd 1.0. The vulnerability set includes SQL injection in the authentication flow, notably via the username parameter to check.php, and other scripts that display data from the database. The eVuln/disclosure documents indicate multiple vulnerabilities (SQL inj...