CVE-2007-2622 Information

Description

Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login.php or (2) the taskid parameter to notes.php.

Reference

http://osvdb.org/35972 http://osvdb.org/35973 http://secunia.com/advisories/25221 http://www.securityfocus.com/bid/23919 http://www.vupen.com/english/advisories/2007/1768 https://exchange.xforce.ibmcloud.com/vulnerabilities/34249 https://www.exploit-db.com/exploits/3896