CVE-2007-1920 Information

Description

SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter possibly related to home.php.

Reference

http://osvdb.org/34745 http://secunia.com/advisories/24802 http://www.securityfocus.com/bid/23356 http://www.vupen.com/english/advisories/2007/1298 https://exchange.xforce.ibmcloud.com/vulnerabilities/33476 https://www.exploit-db.com/exploits/3678