CVE-2007-0847
Open Tibia Server CMS (OTSCMS) up to version 2.1.5 is affected by a SQL injection in mod/PM/reply.php, exploitable via the id parameter to priv.php. This allows remote attackers to execute arbitrary SQL commands. The affected component is the web-based CMS for OTSCMS; root cause is improper handl...