CVE-2005-2486 Information

Description

SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to \Forum-read_mess\ a different vulnerability than CVE-2005-1701.

Reference

http://msgs.securepoint.com/cgi-bin/get/bugtraq0508/53.html http://www.osvdb.org/18685 http://www.securityfocus.com/bid/14474