CVE-2006-0943 Information

Description

SQL injection vulnerability in the sondages module in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

Reference

http://securityreason.com/securityalert/496 http://securitytracker.com/id?1015684 http://www.pwsphp.com/index.php?mod=news&ac=commentaires&id=278 http://www.securityfocus.com/archive/1/426084/100/0/threaded http://www.securityfocus.com/archive/1/426183/100/0/threaded http://www.vupen.com/english/advisories/2006/0748