Security Advisory
CVE-2008-6028
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action.