CVE-2012-3477 Information

Description

SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.

Reference

http://adamcaudill.com/2012/08/12/neoinvoice-blind-sql-injection-cve-2012-3477/ http://archives.neohapsis.com/archives/bugtraq/2012-08/0087.html