CVE-2009-4749
CVE-2009-4749 documents multiple SQL injection flaws in PHP Live! versions 3.2.1 and 3.2.2. Remote attackers can execute arbitrary SQL commands via the x parameter to message_box.php and request.php. Public exploit references exist in the provided sources. The documents do not include remediation...