CVE-2009-2345 Information

Description

Multiple SQL injection vulnerabilities in ClanSphere before 2009.0.1 allow remote attackers to execute arbitrary SQL commands via unknown parameters to the gbook module and unspecified other components.

Reference

http://secunia.com/advisories/35694 http://www.clansphere.net/index/news/view/id/405/ http://www.securityfocus.com/bid/35576 http://www.vupen.com/english/advisories/2009/1794