Interpretation conflict in resetpw.php in phpBannerExchange prior to 2.0 Update 6 allows remote malicious users to execute arbitrary SQL commands via an email parameter containing a null (%00) character after a valid e-mail address, which passes the validation check in the eregi PHP command. NOTE: it could be argued that this vulnerability is due to a bug in the eregi PHP command and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpBannerExchange.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eschew.net phpbannerexchange 2.0_update_3 |
||
eschew.net phpbannerexchange 2.0_update_4 |
||
eschew.net phpbannerexchange 2.0 |
||
eschew.net phpbannerexchange 2.0_update_1 |
||
eschew.net phpbannerexchange 2.0_update_2 |
||
eschew.net phpbannerexchange 2.0_update_5 |