CVE-2006-3959

2006-08-01T21:04:00
ID CVE-2006-3959
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:32:00

Description

SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameter.