CVE-2005-3963

SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execute arbitrary SQL commands via the dc_xd parameter in a cookie.

Date published : 2005-12-01

http://www.securityfocus.com/bid/15667

http://www.dotclear.net/forum/viewtopic.php?id=13876