CVE-2010-1918

SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter.

Date published : 2010-05-11

http://www.securityfocus.com/bid/40032

http://packetstormsecurity.org/1005-exploits/MOPS-2010-018.pdf