CVE-2007-0642
SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL – ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp.
Date published : 2007-01-31
http://www.securityfocus.com/bid/22350
http://www.securityfocus.com/archive/1/458495/100/0/threaded