CVE-2006-1958

Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote attackers to execute arbitrary SQL commands via (1) the forumreferrer cookie to register.php and (2) the messages parameter in message_list.php.

Date published : 2006-04-21

http://www.securityfocus.com/bid/17615

http://www.securityfocus.com/archive/1/431400/100/0/threaded