CVE-2005-3509 Information

Description

Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php (3) comment.php and (4) news.php.

Reference

http://foro.elhacker.net/index.php?topic=93436.0 http://www.security.nnov.ru/Kdocument105.html http://www.securityfocus.com/bid/15324 http://www.vupen.com/english/advisories/2005/2310