CVE-2007-6559 Information

Description

Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.

Reference

http://osvdb.org/39790 http://osvdb.org/39791 http://secunia.com/advisories/28263 http://securityreason.com/securityalert/3496 http://www.securityfocus.com/archive/1/485480/100/0/threaded http://www.securityfocus.com/archive/1/490101/100/0/threaded http://www.securityfocus.com/bid/27003