CVE-2004-1498 Information

Description

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

Reference

http://marc.info/?l=bugtraq&m=109943858026542&w=2 http://secunia.com/advisories/13079 http://www.hat-squad.com/en/000077.html http://www.securityfocus.com/bid/11586