CVE-2009-3315
The affected software is NeLogic Nephp Publisher Enterprise (versions 3.5.9 and 4.5). The vulnerability is a SQL injection in admin/index.php via the Username field, caused by improper handling of input in the web application. This allows remote attackers to execute arbitrary SQL commands, with t...