GOBBLES CGI MARATHON #002

PRODUCT
******* 

AdCycle
http://www.adcycle.com/ 

DESCRIPTION
*********** 

AdCycle is ad-rotation software written in Perl, which uses DBI
with the MySQL driver to access its database.

AdCycle constructs many SQL statements with data taken straight from
untrusted sources. Although in many cases it uses DBI quote(), in other
cases it is still possible to perform SQL injection attacks against
AdCycle to manipulate the server's database.

VENDOR NOTIFICATION
******************* 

We notified the vendor about 40 minutes ago. No time to tap feet waiting.
This is a marathon.
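
An added example, not AdCycle's code and not part of the original advisory: the same lookup built by string interpolation, with DBI quote(), and with a placeholder. The ads table, the owner column and the input value are constructed, and DBD::SQLite stands in for the MySQL driver so the script runs offline.

```perl
#!/usr/bin/perl
# Added example; not AdCycle code. Schema, data and input are constructed.
use strict;
use warnings;
use DBI;

# In-memory SQLite (DBD::SQLite) stands in for MySQL so this runs offline.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0 });
$dbh->do('CREATE TABLE ads (id INTEGER PRIMARY KEY, owner TEXT)');
$dbh->do('INSERT INTO ads (id, owner) VALUES (?, ?)', undef, @$_)
    for [1, 'alice'], [2, "O'Brien"];

# Statement built by interpolation: the value is parsed as part of the SQL.
sub ids_interpolated {
    my ($dbh, $owner) = @_;
    return $dbh->selectcol_arrayref(
        "SELECT id FROM ads WHERE owner = '$owner'");
}

# Value passed through DBI quote(): it stays a literal, but only in the
# statements where the call was not forgotten.
sub ids_quoted {
    my ($dbh, $owner) = @_;
    return $dbh->selectcol_arrayref(
        'SELECT id FROM ads WHERE owner = ' . $dbh->quote($owner));
}

# Placeholder: the statement text is constant and the value is bound separately.
sub ids_bound {
    my ($dbh, $owner) = @_;
    return $dbh->selectcol_arrayref(
        'SELECT id FROM ads WHERE owner = ?', undef, $owner);
}

# Constructed input: a legitimate name that contains a quote character.
my $input = "O'Brien";
for my $case ([interpolated => \&ids_interpolated],
              [quoted       => \&ids_quoted],
              [bound        => \&ids_bound]) {
    my ($name, $fn) = @$case;
    my $ids = eval { $fn->($dbh, $input) };   # RaiseError turns SQL errors into die
    if ($ids) { printf "%-12s ids: %s\n", $name, join(',', @$ids) }
    else      { printf "%-12s statement failed: %s", $name, $@ }
}
```

With placeholders there is no per-statement quoting step to miss, which is the gap the description above points at.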
