CVE-2005-3157 Information

Description

SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter a different vulnerability than CVE-2005-3158 and CVE-2005-3159.

Reference

http://marc.info/?l=bugtraq&m=112793982604963&w=2 http://rgod.altervista.org/phpfusion600109.html http://secunia.com/advisories/16994 http://www.php-fusion.co.uk/news.php?readmore=259