CVE-2005-3953 Information

Description

SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php or (3) ckode parameter to baca.php.

Reference

http://pridels0.blogspot.com/2005/11/bedengpsp-sql-inj-vuln.html http://secunia.com/advisories/17760 http://www.osvdb.org/21174 http://www.osvdb.org/21175 http://www.osvdb.org/21176 http://www.securityfocus.com/bid/15583