SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782.
https://exchange.xforce.ibmcloud.com/vulnerabilities/32669
http://www.securityfocus.com/archive/1/460937/100/0/threaded