CVE-2008-5054 Information

Description

Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.

Reference

http://secunia.com/advisories/32594 http://www.securityfocus.com/bid/32147 https://exchange.xforce.ibmcloud.com/vulnerabilities/46396 https://www.exploit-db.com/exploits/7015