2 matches found
Wordcircle index.php password Parameter SQL Injection - Ver2 (CVE-2006-0205)
An SQL injection vulnerability has been reported in Wordcircle. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2006-0205
CVE-2006-0205 covers multiple SQL injection vulnerabilities in Wordcircle 2.17. The documented vectors include: (1) bypassing authentication and executing arbitrary SQL via the password field in the login action to index.php (involving v_login.php and s_user.php); and (2) additional, unspecified ...