CVE-2009-2326
CVE-2009-2326 describes multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earlier. The weaknesses allow remote attackers to execute arbitrary SQL commands via two confirmed vectors: (1) an enter_parol cookie to index.php in an auto action, and (2) the topic parameter to message.php...