CVE-2008-3131 Information

Description

SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha when magic_quotes_gpc is disabled allows remote attackers to execute arbitrary SQL commands via the showid parameter.

Reference

http://securityreason.com/securityalert/3984 http://www.securityfocus.com/bid/30023 https://exchange.xforce.ibmcloud.com/vulnerabilities/43499 https://www.exploit-db.com/exploits/5977