SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (login parameter) to main.php.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2006-04-21 10:02
Updated : 2024-02-04 16:52
NVD link : CVE-2006-1962
Mitre link : CVE-2006-1962
CVE.ORG link : CVE-2006-1962
JSON object : View
Products Affected
pcpin
- pcpin_chat
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')