• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Hinton Design PHPHD Multiple Input Validation And Authentication Bypass Vulnerabilities

The 'phphd' application is prone to multiple input-validation vulnerabilities. These issues are due to failures in the application to properly sanitize user-supplied input.

Successful exploitation could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or possibly control how the site is rendered to the user.

Attackers may be also able to exploit vulnerabilities in the underlying database implementation and conduct other attacks.

Some of these issues may be related to those discussed in BID 16541 (Hinton Design PHPHG Guestbook Multiple Input Validation Vulnerabilities) and BID 16528 (Hinton Design PHPStatus Username SQL Injection Vulnerability).