CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 15:15:46 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e67cd2fdb0a3b693c8a19c46acadbde4fe3ee9dd
CVEs-PoC/2004/CVE-2004-1938.md
T
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

781 B
Raw Blame History

CVE-2004-1938

Description

SQL injection vulnerability in userlogin.php in Phorum 3.4.7 allows remote attackers to execute arbitrary SQL commands via doubly hex-encoded characters such as "%2527", which is translated to "'", as demonstrated using the phorum_uriauth parameter to list.php.

POC

Reference

Github

No PoCs found on GitHub currently.

Reference in New Issue View Git Blame Copy Permalink