• info
• discussion
• exploit
• solution
• references

PEAR::Auth Multiple Unspecified SQL Injection Vulnerabilities

Solution:
The vendor has released fixes to address this issue.

Please see the referenced vendor advisories for details on obtaining and applying the appropriate updates.


PEAR PEAR::Auth 1.2.3

• PEAR Auth-1.2.4.tgz
  http://pear.php.net/get/Auth-1.2.4.tgz

PEAR PEAR::Auth 1.3 r3

• PEAR Auth-1.3.0r4.tgz
  http://pear.php.net/get/Auth-1.3.0r4.tgz