Seditio plug.php pag_sub[] Variable SQL Injection

2007-11-29T00:00:00
ID OSVDB:38924
Type osvdb
Reporter OSVDB
Modified 2007-11-29T00:00:00

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Vendor Specific News/Changelog Entry: http://www.neocrome.net/page.php?id=2349</a> Secunia Advisory ID:27881 ISS X-Force ID: 38774 Generic Exploit URL: http://milw0rm.com/exploits/4678 CVE-2007-6202 Bugtraq ID: 26655