CVE-2012-3477

SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.

Date published : 2012-08-25

http://archives.neohapsis.com/archives/bugtraq/2012-08/0087.html

http://adamcaudill.com/2012/08/12/neoinvoice-blind-sql-injection-cve-2012-3477/