2007-05-11 17:00:00
mitre
PUBLISHED
SQL injection vulnerability in admin.php in SchoolBoard allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: CVE disputes this issue, because username does not exist, and the password is not used in any queries