CVE-2006-0074
CVE-2006-0074 describes an SQL injection in PHPenpals’ profile.php via the personalID parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Connected sources indicate that the issue affects profile.php and note that 1.1 and earlier versions are affected; this vec...