CVE-2006-1557

Name of the Vulnerable Software and Affected Versions: X-Changer version 0.2

Description: The issue allows remote attackers to execute arbitrary SQL commands. This is possible via the from and into parameters in a calculate action, and the id parameter in an edit action to "index.php".

Recommendations: For X-Changer version 0.2, as a temporary workaround, consider restricting access to the calculate and edit actions in index.php until a patch is available. Avoid using the from, into, and id parameters in the affected actions until the issue is resolved.