CVE-2006-3959
CVE-2006-3959 affects X-Scripts X-Protection 1.10, where protect.php is vulnerable to SQL injection when magic_quotes_gpc is disabled. An attacker can supply crafted values for the (1) username and (2) password parameters to trigger arbitrary SQL execution remotely via HTTP to protect.php. The ro...