CVE-2009-3217
CVE-2009-3217 describes an SQL injection in the admin module of iWiccle 1.01. The vulnerability occurs in the edit_user action (index.php) via the member_id parameter, due to unsafe SQL handling in the admin code, enabling remote attackers to execute arbitrary SQL commands. The CVSSv2 base score ...