CVE-2006-0856 Information

Description

SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the Username parameter.

Reference

http://secunia.com/advisories/18823 http://www.evuln.com/vulns/66/summary.html http://www.securityfocus.com/archive/1/425317/100/0/threaded http://www.securityfocus.com/bid/16609 http://www.vupen.com/english/advisories/2006/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/24544