MGB Multiple Cross Site Scripting and SQL Injection Vulnerabilities
The original article can be found at: http://www.securityfocus.com/bid/54348
The information has been provided by Stefan Schurtz.
* MGB Multiple Cross Site Scripting and SQL Injection Vulnerabilities
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
MGB 0.6.9.1 is vulnerable; other versions may also be affected.
Currently we are not aware of any vendor-supplied patches
Initial Release:Jul 09 2012