CVE-2006-0693 Information

Description

Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti CALimba 0.99.2 beta and earlier allow remote attackers to execute arbitrary SQL commands and bypass login authentication via the (1) login and (2) password parameters.

Reference

http://secunia.com/advisories/18856 http://securityreason.com/securityalert/453 http://www.evuln.com/vulns/68/summary.html http://www.securityfocus.com/archive/1/425364/100/0/threaded http://www.securityfocus.com/bid/16632 http://www.vupen.com/english/advisories/2006/0523 https://exchange.xforce.ibmcloud.com/vulnerabilities/24578