CVE-2005-4144
Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in the orderby parameter, such as 1 newlines and 2 0xFF ASCII 255 characters, which are interpreted as whitespace...