CVE Vulnerabilities

CVE-2005-3968

Published: Dec 03, 2005 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier allows remote attackers to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter.

Affected Software

Name Vendor Start Version End Version
Phpx Phpx 3.5 (including) 3.5 (including)
Phpx Phpx 3.5.1 (including) 3.5.1 (including)
Phpx Phpx 3.5.2 (including) 3.5.2 (including)
Phpx Phpx 3.5.3 (including) 3.5.3 (including)
Phpx Phpx 3.5.4 (including) 3.5.4 (including)
Phpx Phpx 3.5.5 (including) 3.5.5 (including)
Phpx Phpx 3.5.6 (including) 3.5.6 (including)
Phpx Phpx 3.5.7 (including) 3.5.7 (including)
Phpx Phpx 3.5.8 (including) 3.5.8 (including)
Phpx Phpx 3.5.9 (including) 3.5.9 (including)

References