CVE-2006-1920
The CVE-2006-1920 issue affects PMTool 1.2.2 and is a SQL injection vulnerability in index.php, exploitable via the order parameter within the included files (user.inc.php, customer.inc.php, and project.inc.php). The root cause is a failure to properly sanitize the order parameter leading to arbi...