CVE-2008-1631 Information

Description

SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter related to the login form field in index.php.

Reference

http://secunia.com/advisories/29612 http://securityreason.com/securityalert/3792 http://www.securityfocus.com/archive/1/490305/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/41544