CVE-2010-2689
CVE-2010-2689 describes an SQL injection in cont_form.php of Internet DM WebDM CMS, exploitable via the cf_id parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Affected component is the cont_form.php handling of cf_id; root cause is unsafely constructed SQL i...