CVE-2008-4620 Information

Description

SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php and possibly (2) day.php and (3) week.php.

Reference

http://securityreason.com/securityalert/4450 http://www.securityfocus.com/bid/31809 http://www.vupen.com/english/advisories/2008/2865 https://exchange.xforce.ibmcloud.com/vulnerabilities/45972 https://www.exploit-db.com/exploits/6781