CVE-2008-5954
23.01.2009, 19:00
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Awaiting analysis
This vulnerability is currently awaiting analysis.