CVE-2007-2854
CVE-2007-2854 describes multiple SQL injection vulnerabilities in the PHP script account_change.php of BtiTracker 1.4.1 and earlier . The vulnerability is exploitable via the parameters style or langue , allowing remote attackers to execute arbitrary SQL commands. The vulnerability description in...