SiteEngine is a PHP-based content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "module" parameter of the "comments.php" script before using it in an SQL query. SiteEngine version 7.1 is affected.

Ref: http://www.securityfocus.com/bid/45056

10.49.31 - CVE: Not Available
Platform: Web Application - SQL Injection