SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote attackers to execute arbitrary SQL commands via the us