CVE-2007-6202 Information

Description

SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.

Reference

http://osvdb.org/38924 http://secunia.com/advisories/27881 http://www.neocrome.net/page.php?id=2349 http://www.securityfocus.com/bid/26655 https://exchange.xforce.ibmcloud.com/vulnerabilities/38774 https://www.exploit-db.com/exploits/4678