CVE-2012-6507

Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the 1 uname or 2 pass parameters in a login action...