nss_postgresql 0.6.1 and before allows a remote malicious user to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
alessandro gardich nss postgresql 0.6.1