Описание
SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).
SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0135
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24027
- http://evuln.com/vulns/17/exploit.html
- http://evuln.com/vulns/17/summary.html
- http://secunia.com/advisories/18392
- http://securityreason.com/securityalert/321
- http://securitytracker.com/id?1015450
- http://www.osvdb.org/22294
- http://www.securityfocus.com/archive/1/421039/100/0/threaded
- http://www.securityfocus.com/bid/16161
- http://www.vupen.com/english/advisories/2006/0093
EPSS
Процентиль: 88%
0.03677
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).
EPSS
Процентиль: 88%
0.03677
Низкий