CVE-2009-3494
The CVE describes SQL injection vulnerabilities in the web application component index.php of T-HTB Manager 0.5. The root cause is improper handling of inputs when magic_quotes_gpc is disabled, enabling remote attackers to inject arbitrary SQL commands through parameters such as id (in delete_cat...