CVE-2008-5131 Information

Description

Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php and the (2) username and (3) password to the admin panel (admin/index.php).

Reference

http://secunia.com/advisories/32595 http://securityreason.com/securityalert/4607 http://www.securityfocus.com/bid/32144 https://exchange.xforce.ibmcloud.com/vulnerabilities/46397 https://www.exploit-db.com/exploits/7014