SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request.Referenceshttp://www.securityfocus.com/bid/34189http://osvdb.org/52833http://lampsecurity.org/Pixie-CMS-Multiple-Vulnerabilitieshttps://www.exploit-db.com/exploits/8252http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0324.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/49335http://secunia.com/advisories/34364
