Intrusion Prevention

Andys.PHP.Knowledgebase.SQL.Injection

Description

This indicates a possible attempt to exploit a SQL Injection vulnerability in
Andy's PHP Knowledgebase.
The vulnerability is due to errors in "a_viewusers.php". It may allow remote attackers to execute arbitrary SQL commands.

Affected Products

Andy's PHP Knowledgebase 0.95.2. Earlier versions may also be affected.

Impact

System Compromise: Execution of arbitrary SQL commands on the system.

Recommended Actions

Currently we are not aware of any official fix for this issue.

CVE References

CVE-2011-1546