CVE-2007-6127
CVE-2007-6127 affects project alumni 1.0.9 and earlier. The vulnerability is a SQL injection in the year parameter of two PHP entry points: view.page.inc.php (accessed via a view action to index.php) and news.page.inc.php (via a news action to index.php). Exploitation allows remote attackers to e...