CVE-2007-3539
Multiple SQL injection vulnerabilities in QuickTicket 1.2 (build:20070621) and QuickTalk Forum 1.3 allow remote attackers to execute arbitrary SQL via parameter misuse in several pages: (1) t and (2) f in qti_ind_post.php and qti_ind_post_prt.php; (3) dir and (4) order in qti_ind_member.php; (5) ...