SQL Injection Vulnerabilities in OpenBook 1.2.2's auth_user Function

SQL Injection Vulnerabilities in OpenBook 1.2.2's auth_user Function

CVE-2005-2466 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

Multiple SQL injection vulnerabilities in the auth_user function in admin.php in OpenBook 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.