CVE-2005-4056 Information

Description

SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location (2) Last Name and (3) First Name parameters.

Reference

http://pridels0.blogspot.com/2005/12/pluggedout-nexus-sqlxss-vuln_06.html http://secunia.com/advisories/17909 http://www.osvdb.org/21478 http://www.securityfocus.com/bid/15724 http://www.vupen.com/english/advisories/2005/2751