CVE-2011-5212 Information

Description

SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.

Reference

http://epsilonlambda.wordpress.com/2011/06/11/subrion-cms-multiple-vulnerabilities/ http://secunia.com/advisories/44917 http://www.exploit-db.com/exploits/17390 http://www.osvdb.org/72890 http://www.securityfocus.com/bid/48224