CVE-2009-2640
CVE-2009-2640 describes multiple SQL injection vulnerabilities in the Interlogy Profile Manager Basic, specifically in the cgi/admin.cgi module. The issue allows remote attackers to execute arbitrary SQL commands by manipulating a pmadm cookie in two actions: edittemp and users. The available doc...