CVE-2009-1778

SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

Date published : 2009-05-22

http://www.securityfocus.com/bid/34920

http://www.securityfocus.com/archive/1/503448/100/0/threaded