CVE-2011-5111 Information

Description

Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to execute arbitrary SQL commands via the hal parameter to (1) the data module in alumni.php; or the (2) lih_buku (3) artikel (4) album or (5) berita module in index.php.

Reference

http://packetstormsecurity.org/files/view/107254/cmsbalitbang-sql.txt http://www.securityfocus.com/bid/50797 https://exchange.xforce.ibmcloud.com/vulnerabilities/71466