CVE-2006-0942 Information

Description

SQL injection vulnerability in profil.php in PwsPHP 1.2.3 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the aff_news_form parameter a different vulnerability than CVE-2005-1509.

Reference

http://downloads.securityfocus.com/vulnerabilities/exploits/PwsPHP_SQL_Inj.php http://www.osvdb.org/28444 http://www.securityfocus.com/bid/16567