2 matches found
Sql injection
Multiple SQL injection vulnerabilities in rbauth.php in Roberto Butti CALimba 0.99.2 beta and earlier allow remote attackers to execute arbitrary SQL commands and bypass login authentication via the 1 login and 2 password parameters...
CVE-2006-0693
CALimba (Roberto Butti) 0.99.2 beta and earlier has SQL injection in rb_auth.php. The login and password parameters are not sanitized before being used in a SQL query, enabling remote attackers to bypass authentication and execute arbitrary SQL commands. Root cause: unsanitized user inputs in the...