CVE-2005-4719 Information

Description

Multiple SQL injection vulnerabilities in Sysbotz Systems Panel 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the cid parameter in knowledgebase/index.php (2) the aid parameter in knowledgebase/view.php (3) the cid parameter in contact/update.php (4) the letter parameter in links/index.php (5) the mid parameter in messageboard/view.php and (6) the tid parameter in tickets/view.php.

Reference

http://pridels0.blogspot.com/2005/11/systems-panel-v10x-multiple-sql-inj.html http://www.osvdb.org/21320 http://www.osvdb.org/21321 http://www.osvdb.org/21322 http://www.osvdb.org/21323 http://www.osvdb.org/21324 http://www.osvdb.org/21325