CVE-2010-0954 Information

Description

SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter.

Reference

http://evilc0de.blogspot.com/2010/03/pre-e-learning-portal-sql-injection.html http://osvdb.org/62774 http://secunia.com/advisories/38891 http://www.packetstormsecurity.com/1003-exploits/preelearningportal-sql.txt http://www.securityfocus.com/bid/38582 https://exchange.xforce.ibmcloud.com/vulnerabilities/56729