phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpsquidpass | Php | * | * |