CVE-2008-2995 Information

Description

Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.

Reference

http://securityreason.com/securityalert/3969 http://www.securityfocus.com/archive/1/493273/100/0/threaded http://www.securityfocus.com/bid/29659