CVE-2004-2066

Publication date

2005-05-10 04:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the (1) linpha_userid or (2) linpha_password cookies.