CVE-2007-10002

Name of the Vulnerable Software and Affected Versions web-cyradm (affected versions not specified)

Description A critical issue has been found in web-cyradm, affecting some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login password/LANG leads to sql injection. The attack may be launched remotely.

Recommendations To fix this issue, it is recommended to apply a patch with the name 2bcbead3bdb5f118bf2c38c541eaa73c29dcc90f. As a temporary workaround, consider restricting access to the auth.inc.php file until a patch is applied. Additionally, avoid using the login/login password/LANG argument in the affected functionality to minimize the risk of exploitation.