CVE-2008-4161
CVE-2008-4161 affects Assetman 2.5b, where a vulnerability in search_inv.php allows SQL injection via crafted order and order_by parameters in a search_all action. This can enable remote attackers to execute arbitrary SQL commands and may enable session fixation. The primary sources describe the ...