CVE-2008-4768
CVE-2008-4768 describes an SQL injection in TLM CMS 3.1 that allows remote attackers to run arbitrary SQL via the nom parameter to a-b-membres.php. The entry notes that the goodies.php vector is covered by CVE-2007-4808, and provenance is stated as unknown (third-party sources). The connected doc...