CVE-2012-6507 Information

Description

Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameters in a login action.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-04/0178.html http://packetstormsecurity.org/files/112106/ChurchCMS-0.0.1-SQL-Injection.html http://www.securityfocus.com/bid/53209 https://exchange.xforce.ibmcloud.com/vulnerabilities/75110