CVE-2005-0841 Information

Description

SQL injection vulnerability in (1) people.php (2) track.php (3) edit.php (4) document.php (5) census.php (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands as demonstrated via (1) the person parameter to people.php or (2) the Login field.

Reference

http://marc.info/?l=bugtraq&m=111143649730845&w=2 http://secunia.com/advisories/14642 http://securitytracker.com/id?1013493 http://www.securityfocus.com/bid/12860 https://exchange.xforce.ibmcloud.com/vulnerabilities/19787