CVE-2015-6512

SQL injection vulnerability in the get_messages function in server/plugins/chatroom/chatroom.php in FreiChat 9.6 allows remote attackers to execute arbitrary SQL commands via the time parameter to server/freichat.php.

Date published : 2015-08-18

https://www.exploit-db.com/exploits/37592/

http://packetstormsecurity.com/files/132673/FreiChat-9.6-SQL-Injection.html