VYPR
Critical severity9.8NVD Advisory· Published May 9, 2007· Updated Jun 16, 2026

CVE-2007-2534

CVE-2007-2534

Description

Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Phphoo3/Phphoo32 versions
    cpe:2.3:a:phphoo3:phphoo3:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phphoo3:phphoo3:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.