CVE-2009-4574

SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.

Date published : 2010-01-06

http://www.exploit-db.com/exploits/10809

http://packetstormsecurity.org/0912-exploits/iescorts-sql.txt