RSS   Vulnerabilities for 'Alkalinephp'   RSS

2008-05-21
 
CVE-2008-2395

CWE-89
 

 
SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

 
2008-05-20
 
CVE-2008-2346

CWE-264
 

 
AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top