This is a technical analysis of a SQL injection vulnerability in Webspell's authentication mechanism, specifically in the handling of the `ws_auth` cookie. The writeup details how the lack of proper input sanitization allows for authentication bypass via SQL injection when `magic_quotes` is disabled.