ZeusCMS <= 0.3 (security.php) SQL Injection Vulnerability

Description:

SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.

References:

CVE-2007-6622
BID-27058
EDB-4798

Disclosure Date:

December 27, 2007