CVE-2006-0135
The CVE-2006-0135 entry concerns a SQL injection in TheWebForum (twf) 1.2.1, specifically in login.php via the username parameter (u). The root cause is unsafely constructed SQL in the login routine, enabling remote attackers to execute arbitrary SQL and bypass authentication. The linked document...