CVE-2007-6058
ProfileCMS 1.0 and earlier contains multiple SQL injection flaws in index.php. The id parameter in three actions (profile-codes, video-codes, arcade-games) is exploitable, enabling remote attackers to execute arbitrary SQL via normal requests. The vulnerability is documented across multiple sourc...