In-Reply-To: <41EAA8C8.6050600@xxxxxxxxx> >phpGiftReq doesn't validate the parameters. This allows SQL Injection >and modification of data in the database. > >This vulnerability has been tested with phpGiftReq 1.4.0 Fixed these flaws and many others in 1.5.0b1.