CVE-2006-3190

2006-06-2300:00:00

mitre

www.cve.org

8.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters.

References

marc.info/?l=bugtraq&m=115039446925252&w=2

securitytracker.com/id?1016322

www.vupen.com/english/advisories/2006/2403