Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp.
Publication date: Wed, 31 May 2006 15:06:00 +0000