CVE-2009-1066 Information

Description

SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0324.html http://lampsecurity.org/Pixie-CMS-Multiple-Vulnerabilities http://osvdb.org/52833 http://secunia.com/advisories/34364 http://www.securityfocus.com/bid/34189 https://exchange.xforce.ibmcloud.com/vulnerabilities/49335 https://www.exploit-db.com/exploits/8252