CVE-2010-1093 Information

Description

SQL injection vulnerability in rss.php in 1024 CMS 2.1.1 when magic_quotes_gpc is disabled allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action.

Reference

http://secunia.com/advisories/38775 http://www.bugreport.ir/index_69.htm http://www.securityfocus.com/bid/38476