NuytsTech Security

CVE-2005-3521

by ·

SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page.

Date published : 2005-11-06

http://www.securityfocus.com/bid/15125

http://marc.info/?l=bugtraq&m=112967223222966&w=2

Tags: