CVE-2009-3217 Information

Description

SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php.

Reference

http://www.exploit-db.com/exploits/9266