CVE-2008-6749

Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 checkuser and 2 checkpass parameters...