SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters.Referenceshttp://securityreason.com/securityalert/3349http://www.securityfocus.com/archive/1/307224/30/26300/threadedhttp://www.securitytracker.com/id?1005948http://www.securityfocus.com/bid/6594
