News Document Title:
====================
eFront Enterprise Edition fixed critical SQL Injection [FIXED!]


Release Date:
=============
2011-10-06


Laboratory Article:
===================
eFront closed a critical SQL Injection vulnerability on the eLearning CMS v3.6.9 within 2 days.

Update: http://www.efrontlearning.net/download

Exploitable Version: eFront v3.6.9
New secure Version: eFront v3.6.10

eFront Log: Fixed SQL injection security vulnerability reported by Vulnerability Research Laboratory, vulnerability-lab.com (Mohammed A.A.)