GroundZero Security

3 exploits Active since Apr 2006
CVE-2006-1955 EXPLOITDB text WRITEUP
RechnungsZentrale V2 1.1.3 - Remote File Inclusion via rootpath Parameter
PHP remote file inclusion vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter.
CVE-2006-1954 EXPLOITDB text WRITEUP
RechnungsZentrale V2 1.1.3 - SQL Injection via User Field
SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the User field.
CVE-2006-1954 EXPLOITDB text WRITEUP
RechnungsZentrale V2 1.1.3 - SQL Injection via User Field
SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the User field.