Public CVE-2005-3152 disclosure

login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null...