SQL injection vulnerability in admin/index.php in jCore prior to 1.0pre2 allows remote malicious users to execute arbitrary SQL commands via the memberloginid cookie.
jcore jcore