CVE-2004-1402 - Quadrennial Butchdyke
Description
SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php (2) comments.php or (3) the administrator login page.
Reference
http://www.securityfocus.com/bid/11946 http://marc.info/?l=bugtraq&m=110314454810163&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18505