CVE-2006-1347

Name of the Vulnerable Software and Affected Versions gCards versions 1.45 and earlier

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the username parameter in the login function.

Recommendations For versions 1.45 and earlier, update to a version later than 1.45 to resolve the issue. As a temporary workaround, consider restricting access to the login function to minimize the risk of exploitation. Avoid using the username parameter in the affected login endpoint until the issue is resolved.