CVE-2009-2128 Information

Description

SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field.

Reference

http://bugs.elvinbts.org/show_bug.php?id=49 http://secunia.com/advisories/35430