CVE-2006-2911
SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Date published : 2006-06-21
http://www.securityfocus.com/bid/18451
http://www.securityfocus.com/archive/1/437183/100/200/threaded