2009-02-02 21:29:00
mitre
PUBLISHED
SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbitrary SQL commands via the idp parameter.