VULHUB ™

It has been reported that PHPMyWebHosting is vulnerable to a SQL injection attack. The vulnerability is reportedly in the script "includes/functions/pmwh.php" and is the result of a SQL query constructed using inadequately sanitized HTML form variables. The most immediate concern is that this code appears to authenticate a remote client and does so in a way that may be trivially subverted with a vulnerability such as this one. Furthermore, as this is SQL injection, it may be possible for attackers to view or modify sensitive/confidential data in the database. It may also be possible for attackers to exploit the database server itself, potentially gaining access to the underlying host.

It has been reported that PHPMyWebHosting is vulnerable to a SQL injection attack. The vulnerability is reportedly in the script "includes/functions/pmwh.php" and is the result of a SQL query constructed using inadequately sanitized HTML form variables. The most immediate concern is that this code appears to authenticate a remote client and does so in a way that may be trivially subverted with a vulnerability such as this one. Furthermore, as this is SQL injection, it may be possible for attackers to view or modify sensitive/confidential data in the database. It may also be possible for attackers to exploit the database server itself, potentially gaining access to the underlying host.