-
THE BUG WAS FOUND IN: func.inc.php
function F_loginUser($Username,$Password) {
global $db;
$sql = "UPDATE T_Users SET ";
$sql .= "LastLogin = now() ";
$sql .= "WHERE Username = '$Username' ";
$sql .= "AND Password = '" . md5($Password) . "' ";
$sql .= "AND Verified = 'Y'";
mysql_query($sql,$db);
if (mysql_affected_rows()>0) {
return true;
The input is not sanitized.
2009-10-30 18:30:58 UTC in phpWebLog
-
THE BUG WAS FOUND IN: new_user.php
$usernames=strtolower($username);
$password=strtolower($password);
$sql="SELECT * FROM help_users WHERE username='$usernames' AND password='". md5($password) ."'";
$result=mysql_query($sql,$conn);
if (!$result || db_numrows($result) < 1){
$warning .= '** ERROR - Username not found or password incorrect.';
return false;.
2009-10-30 18:13:26 UTC in Helpdesk Solutions
-
THE BUG WAS FOUND IN: login.php3
if ((isset($UserName)) && (isset($Password)))
{
$sql = "SELECT * FROM members WHERE username='$UserName'";
$query = mysql_db_query($GLOBALS[database], $sql) or die(geterrdesc($sql));
if ($member = mysql_fetch_array($query))
{
if ($member[password] != $Password)
{
echo "Sorry, but the password did not match the username. Please check...
2009-10-30 17:59:41 UTC in blazeboard
-
THE BUG WAS FOUND IN: login.php
If ($strError == "") {
$strPassword = md5($strPassword);
$strSQL = "SELECT id, securityLevel FROM tblSecurity WHERE userID='$strUserName' AND password='$strPassword'";
$result = dbquery($strSQL);
$row = mysql_fetch_row($result);
If ($row[0] != "")
The sql input is not sanitized!
THE PROBLEM WITH THE CODE...
2009-10-30 11:20:53 UTC in phpMyInventory
-
THE BUG WAS FOUND IN: index.php
$sql = "SELECT nick, passwd FROM users WHERE nick = \"$nick\" AND passwd =
\"$passwd\"";
$result = mysql_query($sql);
// If user is valid redirect to this page and set the cookie.
// If user is not valid display a try again message.
if(mysql_num_rows($result) == 1)
The input is not sanitized!
THE PROBLEM WITH THE CODE ABOVE IS THAT I CAN INPUT AN...
2009-10-30 10:11:10 UTC in iPlanner
-
THE BUG WAS FOUND IN: index.php
$sql = "SELECT nick, passwd FROM users WHERE nick = \"$nick\" AND passwd = \"$passwd\"";
$result = mysql_query($sql);
// If user is valid redirect to this page and set the cookie.
// If user is not valid display a try again message.
if(mysql_num_rows($result) == 1)
The input is not sanitized!
THE PROBLEM WITH THE CODE ABOVE IS THAT I CAN...
2009-10-30 09:11:18 UTC in iPlanner
-
THE BUG IS IN: /includes/checkuser.inc.php
$query = "SELECT * FROM security ";
// query checks if user is in DB and if the passwords suit
$query .= "WHERE s_user='$txtUsername' AND s_password='$txtPassword';";
$mysql_result = query($query);
$row = mysql_fetch_row($mysql_result);
if ($row)
2009-10-30 05:04:23 UTC in PHP Helpdesk
-
The bug is in user/login.php
$quer= odbc_exec($con, "SELECT name, pass FROM $users where (name LIKE '$name' and pass LIKE '$cryptpass')"); //DIDN'T SANATIZE THE INPUT!!
if(odbc_fetch_row($quer) != 0) {
The input is not sanitized! An attacker can put in an SQL injection and obtain privileged access. By only checking to see if the result is not null, that gives the attacker the ability to...
2009-10-30 04:26:14 UTC in PHPHomework
