CVE-2005-3497

Name of the Vulnerable Software and Affected Versions PHP Handicapper (affected versions not specified)

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the serviceid parameter in the process signup.php file. The vendor initially disputed this issue, claiming it was a false report, but further investigation suggests the original report is correct.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.