Public CVE-2006-0652 disclosure

Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3 allow remote attackers to execute arbitrary SQL commands via multiple vectors including the username parameter.