CVE-2010-4963

Publication date

2011-10-09 10:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.