CVE-2006-3544
Multiple SQL injection vulnerabilities in Invision Power Board IPB 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a 1 Stats, 2 Mail, and 3 Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the CODE...