CVE-2012-1670

The CVE describes an unauthenticated SQL database export vulnerability in PHP Grade Book (admin/index.php) present in versions before 1.9.5 BETA. The flaw allows an attacker to read/export the entire application database via the SaveSQL action, due to session handling that enables privileged acce...