CVE-2006-1849
The CVE-2006-1849 entry describes multiple SQL injection vulnerabilities in the web component members_only/index.cgi of xFlow (versions 5.46.11 and earlier). The underlying issue is improper handling of user-supplied input, allowing an attacker to manipulate SQL queries through the (1) position a...