CVE-2010-0802 Information

Description

SQL injection vulnerability in index.php in (nv2) Awards 1.1.0 a modification for Invision Power Board allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.

Reference

http://packetstormsecurity.org/1001-exploits/ipbawards-sql.txt http://secunia.com/advisories/38407 http://www.exploit-db.com/exploits/11297