CVE-2005-4264 Information

Description

Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields and (3) id parameter.

Reference

http://secunia.com/advisories/18067 http://securitytracker.com/id?1015352 http://www.nii.co.in/vuln/PHPSupportTickets.html http://www.osvdb.org/21730 http://www.securityfocus.com/bid/15853 http://www.vupen.com/english/advisories/2005/2928