CVE-2006-4879

Publication date

2006-09-19 21:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in profile.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.