CVE-2006-1569 Information

Description

Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.

Reference

http://evuln.com/vulns/115/summary.html http://secunia.com/advisories/19475 http://www.osvdb.org/24297 http://www.osvdb.org/24298 http://www.osvdb.org/24299 http://www.securityfocus.com/archive/1/431001/100/0/threaded http://www.securityfocus.com/bid/17336 http://www.vupen.com/english/advisories/2006/1186 https://exchange.xforce.ibmcloud.com/vulnerabilities/25578