CVE-2009-2232
The CVE describes a SQL injection in Softbiz Banner Ad Management Script specifically in image.php, exploitable via the size_id parameter. The root cause is improper handling of the size_id input leading to arbitrary SQL execution by remote attackers. The available documents confirm the affected ...