CVE-2009-4574 Information

Description

SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.

Reference

http://packetstormsecurity.org/0912-exploits/iescorts-sql.txt http://secunia.com/advisories/37957 http://www.exploit-db.com/exploits/10809 http://www.osvdb.org/61397 https://exchange.xforce.ibmcloud.com/vulnerabilities/55208