Francesco Laurita

1 exploit Active since Oct 2006
CVE-2006-5228 EXPLOITDB text WORKING POC
ackerTodo <= 4.2 - SQL Injection via Google Gadget Login Parameters
Multiple SQL injection vulnerabilities in the Google Gadget login.php (gadget/login.php) in Rob Hensley ackerTodo 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) up_login, (2) up_pass, or (3) up_num_tasks parameters.