CVE-2008-7120 Information

Description

SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.

Reference

http://www.packetstormsecurity.org/0809-exploits/hotlinks-sql.txt http://www.securityfocus.com/bid/31118