CVE-2009-2573
CVE-2009-2573 describes multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, triggered when magic_quotes_gpc is disabled. The flaw lets remote authenticated users execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php. According to the entry, the CVS...