CVE-2011-5235

SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.

Date published : 2012-10-25

http://www.securityfocus.com/bid/51113

http://www.mnogosearch.org/doc33/msearch-changelog.html#changelog-3-3-12