CVE-2004-1961 Information

Description

blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded '\ characters (\27).

Reference

http://protector.warcenter.se/article-53–0-0.html http://www.securityfocus.com/archive/1/361300/2004-04-21/2004-04-27/0 http://www.securityfocus.com/bid/10206 http://www.waraxe.us/index.php?modname=sa&id=25