CVE-2008-6475
CVE-2008-6475 affects Drake CMS up to version 0.4.11, where the guestbook component (components/guestbook/guestbook.php) is vulnerable. An attacker can trigger a SQL injection by sending a crafted HTTP_VIA header to index.php, enabling remote execution of arbitrary SQL commands. The available doc...