CVE-2011-5076 Information

Description

SQL injection vulnerability in model/comment.class.php in HDWiki 5.0 5.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.

Reference

http://bbs.wolvez.org/viewtopic.php?id=208 http://secunia.com/advisories/47907 http://www.securityfocus.com/bid/51871