Description - Authentication Bypass Vulnerability in CALimba
SQL Injection found in CALimba script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
Vulnerable script: rb/cls/rb_auth.php
Variables $login $password are not properly sanitized before being used in a SQL query. This can be used to pass authorization or make any SQL query by injecting arbitrary SQL code.
Condition: magic_quotes_gpc - off
Order Source Code Analysis made by eVuln team
Protect your site or web application by PHP code testing of your website done by Aliaksandr Hartsuyeu.The task will be done by experts in web security.