CVE-2006-3904

Publication date

2006-07-27 22:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.