CVE Vulnerabilities

CVE-2004-2066

Published: Jul 29, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the (1) linpha_userid or (2) linpha_password cookies.

Affected Software

Name Vendor Start Version End Version
Linpha Linpha 0.9.0 0.9.0
Linpha Linpha 0.9.1 0.9.1
Linpha Linpha 0.9.2 0.9.2
Linpha Linpha 0.9.3 0.9.3
Linpha Linpha 0.9.4 0.9.4

References