CVE-2006-0135 Information

Feb 14, 2021 cve

Description

SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).

Reference

http://evuln.com/vulns/17/exploit.html http://evuln.com/vulns/17/summary.html http://secunia.com/advisories/18392 http://securityreason.com/securityalert/321 http://securitytracker.com/id?1015450 http://www.osvdb.org/22294 http://www.securityfocus.com/archive/1/421039/100/0/threaded http://www.securityfocus.com/bid/16161 http://www.vupen.com/english/advisories/2006/0093 https://exchange.xforce.ibmcloud.com/vulnerabilities/24027

Share on: