CVE-2007-0864
CVE-2007-0864 describes an SQL injection in register.php of LushiWarPlaner 1.0 , exploitable via the id parameter. The underlying issue is unsafe SQL construction that allows remote attackers to inject arbitrary SQL commands. Impact stated: potential data exposure or modification (partial confide...