• info
• discussion
• exploit
• solution
• references

Weekly Drawing Contest CVE-2007-1602 SQL-Injection Vulnerability

Weekly Drawing Contest is prone to a sql-injection vulnerability. SQL injection vulnerability in check_vote.php in Weekly Drawing Contest 0.0.1 allows remote attackers to execute arbitrary SQL commands via the order parameter.