CVE-2008-2412 Information

Description

SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Reference

http://www.securityfocus.com/bid/29253 http://www.z0rlu.ownspace.org/index.php?/archives/84-ACGV-News-v0.9.1-2003-SQL-inj.-XSS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/42490