CVE-2009-3503
CVE-2009-3503: Multiple SQL injection vulnerabilities in BPowerHouse BPHolidayLettings 1.0 (search.aspx) allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. Affected component/function: search.aspx in BPHolidayLettings 1.0. Root cause: improper validat...