CVE-2006-2889

Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and earlier allow remote attackers to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.

Date published : 2006-06-07

http://www.securityfocus.com/bid/18276

http://www.securityfocus.com/archive/1/435856/100/0/threaded