CVE-2005-2415
Contrexx up to version 1.0.4 is affected by multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via the poll module (value parameter) or the gallery module (pId parameter). The underlying issue is input unsanitization in these parameters, enabling ...