CVE-2010-4959 Information

Description

SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter.

Reference

http://secunia.com/advisories/40705 http://securityreason.com/securityalert/8469 http://www.exploit-db.com/exploits/14378 http://www.osvdb.org/66511 http://www.packetstormsecurity.com/1007-exploits/prepodcastportal-sql.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/60631