Security Advisory
CVE-2008-6165
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.