CVE-2005-2466

Name of the Vulnerable Software and Affected Versions OpenBook version 1.2.2

Description The issue concerns SQL injection vulnerabilities in the auth user function within the admin.php file. Remote attackers can exploit this by executing arbitrary SQL commands through the username or password parameters.

Recommendations For OpenBook version 1.2.2, as a temporary workaround, consider restricting access to the admin.php file or disabling the auth user function until a patch is available. Avoid using the username and password parameters in the affected function until the issue is resolved.