CVE-2012-5292

Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php.

Date published : 2012-10-04

http://www.securityfocus.com/bid/51317

http://packetstormsecurity.org/files/view/108438/atar2bcms-sql.txt