Vulnerabilities > CVE-2007-2534 - Unspecified vulnerability in PHPhoo3

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
phphoo3
NVD
Published: 2007-05-09
Updated: 2024-04-11

Summary

Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use

Vulnerable Configurations

Part Description Count
Application
Phphoo3
1

References