SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.Referenceshttp://www.osvdb.org/72890http://www.exploit-db.com/exploits/17390http://secunia.com/advisories/44917http://www.securityfocus.com/bid/48224http://epsilonlambda.wordpress.com/2011/06/11/subrion-cms-multiple-vulnerabilities/
